Re: Secure Linux kernel package?
On Thu, 12 Nov 1998, Raul Miller wrote:
> : The only security provided by this patch derives from the fact that it's
> : not commonly deployed. If it were put in the standard kernel it would
> : lose all value.
Nathan E Norman <finn@midco.net> wrote:
> Oh, I see ... well, actually I don't (as you list zero reasons why this
> would be the case). Care to elaborate?
I'm refering specifically to the nonexecutable stack patch.
The stack still contains pointers into executable code. Some of that
code [libc] is very rich in capability, and tends to exist at well-known
addresses.
If your code does a stack overflow it's still quite possible to break
security by carefully choosing the offset into libc. Right now that's
not such a big deal, because it's relevant to so few systems.
--
Raul
Reply to: