Date: Wed, 10 Nov 1999 21:14:25 -0700 From: Warner Losh <imp@village.org> To: "Harry M. Leitzell" <Harry_M_Leitzell@cmu.edu> Cc: Paul Hart <hart@iserver.com>, Andre Gironda <andre@sun4c.net>, freebsd-security@FreeBSD.ORG Subject: Re: stack protecting Message-ID: <199911110414.VAA09777@harmony.village.org> In-Reply-To: Your message of "Wed, 03 Nov 1999 21:41:48 EST." <Pine.SOL.3.96L.991103195319.1577A-100000@unix7.andrew.cmu.edu> References: <Pine.SOL.3.96L.991103195319.1577A-100000@unix7.andrew.cmu.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <Pine.SOL.3.96L.991103195319.1577A-100000@unix7.andrew.cmu.edu> "Harry M. Leitzell" writes: : Ounce of prevention is worth a ... You get the point. I agree : that some sort of buffer overflow prevention in FreeBSD would be loved by : all even if they do not choose to use it. Anyhow, it would be nice to see : a Stack + Heap Guard that does not break certain aspects of an OS that : people use (gdb modified so that it correctly reads the format of an : activation record on the stack that was changed would be nice). I am : trying to remember the reason that OpenBSD decided against such designs. : Anyone? Because the OpenBSD folk want to fix all bugs, and buffer overflows are bugs. There are several competing ways of fixing this, none of which are entirely satisfactory. Mostly people complain about the overhead of these systems, but on a fast machine you'll likely not notice. They also generally only protect against smash the stack overflows, although some do offer some limited protect against global variable or heap overflows. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199911110414.VAA09777>