Date:      Thu, 5 Jun 2003 11:33:28 +0200
From:      jeremie le-hen <le-hen_j@epita.fr>
To:        Tim Baur <tbaur@panaso.com>
Cc:        freebsd-security@freebsd.org
Subject:   Re: Non-Executable Stack Patch
Message-ID:  <20030605093328.GD22086@carpediem.epita.fr>
In-Reply-To: <0306042122420.58298@neobe.cnanfb.pbz>
References:  <3EDE8ECE.6040400@superig.com.br> <0306042122420.58298@neobe.cnanfb.pbz>

On Wed, Jun 04, 2003 at 09:23:57PM -0700, Tim Baur wrote:
> On Wed, 4 Jun 2003, Tony Meman wrote:
> 
> > I was wondering if there's any non-executable stack patch for
> > FreeBSD's kernel.
> >
> > [...]
> > 
> > I'm not interested in patches for gcc or alikes either.
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> http://www.trl.ibm.com/projects/security/ssp/buildfreebsd.html


From http://www.trl.ibm.com/projects/security/ssp/ :
<<  What's the stack-smashing protector?
    It is a GCC (Gnu Compiler Collection) extension for protecting
    applications from stack-smashing attacks. Applications written
    in C will be protected by the method that automatically inserts
    protection code into an application at compilation time. >>

I also had a quick look at the patch, and it's clearly GCC which is
mainly modified. Very few kernel source files are changed, in
order to cause a panic when a stack overflow occurs within it.

-- 
Jeremie aka TtZ/TataZ
jeremie.le-hen@epita.fr


