Date:      Mon, 20 Jul 1998 22:26:13 +0400
From:      Alexandre Snarskii <snar@paranoia.ru>
To:        Brett Glass <brett@lariat.org>, Alexandre Snarskii <snar@paranoia.ru>
Cc:        security@FreeBSD.ORG
Subject:   Re: The 99,999-bug question: Why can you execute from the stack?
Message-ID:  <19980720222613.37562@nevalink.ru>
In-Reply-To: <199807201714.LAA19993@lariat.lariat.org>; from Brett Glass on Mon, Jul 20, 1998 at 11:14:33AM -0600
References:  <199807200148.TAA07794@harmony.village.org> <199807200102.SAA07953@bubba.whistle.com> <199807200148.TAA07794@harmony.village.org> <19980720152932.42290@nevalink.ru> <199807201714.LAA19993@lariat.lariat.org>

On Mon, Jul 20, 1998 at 11:14:33AM -0600, Brett Glass wrote:
> Waitaminnit. Intel installed, IN THE x86 CHIPS WE ARE NOW USING, special
> hardware designed to guard against these exploits. The mechanisms
> they designed are called "segments" and "call gates" (among other
> things). And what do we do? We turn it off. In fact, Intel sees
> so few people using these vital features that it doesn't bother
> to speed them up in new CPU models, as they do other parts of
> the chip.
> 
> In short, the hackers who want slightly more convenient "flat" 
> address spaces have contributed in devastating ways to the problems
> we have now.

Can you release kernel patches to realise hardware-level protection?
(I'm not an experienced kernel programmer, and don't have enough time
to learn kernel internals, sorry :( )

I know that my solution is rather a 'fast and dirty hack', but it works.
And I don't see any other solution for stack smashing prevention
for FreeBSD now.

PS: btw, a non-executable stack doesn't protect against return-into-libc
attacks (as demonstrated by Rafal Wojtczuk in bugtraq against
Solar Designer's patch).
-- 
Alexandre Snarskii
the source code is included
