From owner-freebsd-security Wed Jul 11 14: 5:16 2001 Delivered-To: freebsd-security@freebsd.org Received: from obsecurity.dyndns.org (adsl-63-207-60-132.dsl.lsan03.pacbell.net [63.207.60.132]) by hub.freebsd.org (Postfix) with ESMTP id 6F0ED37B405 for ; Wed, 11 Jul 2001 14:05:11 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: by obsecurity.dyndns.org (Postfix, from userid 1000) id 1826566D72; Wed, 11 Jul 2001 14:05:10 -0700 (PDT) Date: Wed, 11 Jul 2001 14:05:09 -0700 From: Kris Kennaway To: Borja Marcos Cc: Kris Kennaway , freebsd-security@freebsd.org Subject: Re: non-exec stack Message-ID: <20010711140509.A88898@xor.obsecurity.org> References: <001901c10830$b51e7890$0100a8c0@alexus> <20010711145325.L66856-100000@scribble.fsn.hu> <20010711121731.A87389@xor.obsecurity.org> <01071122332004.02234@nenuial.arnor.es> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="oyUTqETQ0mS9luUI" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <01071122332004.02234@nenuial.arnor.es>; from borjamar@sarenet.es on Wed, Jul 11, 2001 at 10:33:20PM +0200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --oyUTqETQ0mS9luUI Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Jul 11, 2001 at 10:33:20PM +0200, Borja Marcos wrote: > On Wednesday 11 July 2001 21:17, you wrote: > > That's a different thing (it doesn't make the stack non-executable, it > > patches gcc to generate code which tries to catch and prevent > > stack-smashing buffer overflows). I don't know of anyone who has > > written a non-exec stack patch for FreeBSD. It would certainly be > > welcome. >=20 > I wonder... how is it implemented? =BFPerhaps checking that the page is = not=20 > a stack page whenever the process enters a system call? =BFChecking the s= ame=20 > at context switches? There's been lots of discussion over the years on bugtraq; see the archives at www.securityfocus.com. Kris --oyUTqETQ0mS9luUI Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7TL+FWry0BWjoQKURAtpyAKCUoU0kyZ5z04euygDaYGrnyjVe+wCbBzDG 2nGmqFVIub90UyoEj7WGfA4= =eVZh -----END PGP SIGNATURE----- --oyUTqETQ0mS9luUI-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message