On Thu, 2005-04-07 at 09:22 +1000, Phill wrote: > OK. I did a bit of reading on the subject. Linux can be vulnerable to > buffer overrun attacks can't it? If not, why not?
Absolutely. Everything can be susceptible to these attacks if they are written in a language that allows it, typically C. There are tools that instrument executable to "prevent" such attacks but there is a performance cost and they are often breakable. There is an exploit that works with the buffer overrun detection of windows already. If you have the most secure kernel in history and you run software that is broken then you may be exposed, eg latest kernel and old version of apache. Security and hacker prevention is not about solving one simple problem, it is a total package. -- Ken Foskey OpenOffice.org developer -- SLUG - Sydney Linux User's Group Mailing List - http://slug.org.au/ Subscription info and FAQs: http://slug.org.au/faq/mailinglists.html
