Date: Wed, 19 Apr 2000 02:20:28 -0400 (EDT) From: "Harry M. Leitzell" <Harry_M_Leitzell@cmu.edu> To: Kris Kennaway <kris@FreeBSD.org> Cc: Ng Pheng Siong <ngps@post1.com>, freebsd-security@freebsd.org Subject: Re: StackGuard, etc.? Message-ID: <Pine.SOL.3.96L.1000419020111.12190A-100000@unix4.andrew.cmu.edu> In-Reply-To: <Pine.BSF.4.21.0004181233190.95988-100000@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
StackGuard modifies the compiler ( the latest version also includes some method of canary injection that prevents heap exploitation as well I do believe? ), but Solar Designers code modifies the kernel. Basically, if you look at from the standpoint of which would be nicer to have, I would say having flags within the kernel would be best. Even though Solaris does a crappy job of stack protection, it is a nice model to aspire to. Have a flag that anything with +s gets run through the stack / heap protection code, or if its being run as root, or is a daemon, etc ... You set the parameters, it doesn't matter if you got it in binary only format, it protects you none the less. Anyhow, there are a couple different ways to protect the stack and if they aren't implemented correctly together, the protection is pretty worthless. For more detail on why stack protection isn't enough, visit http://www.w00w00.org/files/articles/heaptut.txt which is a good article by Matt Conover. Enough ranting, I will start coding and putting out results for everyone to pour over and chuckle about =]. Only thing that is bugging me is some method of doing heap protection at run time that doesn't break things. If anyone has any thoughts on how to do this, please send me an email so I can hack away at it. Toodles On Tue, 18 Apr 2000, Kris Kennaway wrote: > On Tue, 18 Apr 2000, Ng Pheng Siong wrote: > > > Just wondering if StackGuard, Solar Designer's non-executable > > stack design, etc. apply to FreeBSD. > > > > If not, are there others that do? > > The basic design is compatible with FreeBSD, but it needs to be > ported. Because it modifies gcc, it's linux-specific at present. > > It would be a *very* useful project for someone who wants to work on a > compiler project. > > Kris > > ---- > In God we Trust -- all others must submit an X.509 certificate. > -- Charles Forsythe <forsythe@alum.mit.edu> > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > [-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-] Harry M. Leitzell - Harry_M_Leitzell@cmu.edu Carnegie Mellon University Finger for PGP Public Key [-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-=--=-] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOL.3.96L.1000419020111.12190A-100000>