The OpenBSD guys have been working on closing buffer overflow holes.
Slashdot has this pointer to a msg from Theo de Raadt:
http://groups.google.com/groups?selm=b1aq2h%242q9g%241%40FreeBSD.csie.NCTU.edu.tw&output=gplain
In the last while, a couple of people in OpenBSD have
been putting some buffer overflow "solutions" into our
source tree; under my continual prodding. I thought I
would summarize some of these and how they fit together,
since what I have seen written up so far has been
wildly inaccurate. (Bad reporter, no cookie).
These are, in short form:
1) PROT_* purity
2) W^X
3) .rodata
4) propolice
...
I like the idea of turning off execute permission on the stack pages.
PEK
---
--
Phoebe-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/phoebe-list
