Re: Secure Linux kernel package?

To: Nathan E Norman <finn@midco.net>
Cc: Debian Development <debian-devel@lists.debian.org>
Subject: Re: Secure Linux kernel package?
From: Raul Miller <rdm@test.legislate.com>
Date: Thu, 12 Nov 1998 08:02:25 -0500
Message-id: <[🔎] 19981112080225.A12293@hazel>
Mail-followup-to: Nathan E Norman <finn@midco.net>, Debian Development <debian-devel@lists.debian.org>
In-reply-to: <[🔎] Pine.LNX.3.96.981112012407.16164B-100000@brahe.midco.net>; from Nathan E Norman on Thu, Nov 12, 1998 at 01:25:08AM -0600
References: <[🔎] 19981112005031.A31792@hazel> <[🔎] Pine.LNX.3.96.981112012407.16164B-100000@brahe.midco.net>

On Thu, 12 Nov 1998, Raul Miller wrote:
>  : The only security provided by this patch derives from the fact that it's
>  : not commonly deployed.  If it were put in the standard kernel it would
>  : lose all value.

Nathan E Norman <finn@midco.net> wrote:
> Oh, I see ... well, actually I don't (as you list zero reasons why this
> would be the case).  Care to elaborate?

I'm refering specifically to the nonexecutable stack patch.

The stack still contains pointers into executable code.  Some of that
code [libc] is very rich in capability, and tends to exist at well-known
addresses.  

If your code does a stack overflow it's still quite possible to break
security by carefully choosing the offset into libc.  Right now that's
not such a big deal, because it's relevant to so few systems.

-- 
Raul

Reply to:

References:
- Re: Secure Linux kernel package?
  - From: Raul Miller <rdm@test.legislate.com>
- Re: Secure Linux kernel package?
  - From: Nathan E Norman <finn@midco.net>

Prev by Date: Re: FreeBSD writing to Debian NFS
Next by Date: Re: Creating Packages with DebHelper
Previous by thread: Re: Secure Linux kernel package?
Next by thread: Re: Secure Linux kernel package?
Index(es):
- Date
- Thread