Re: stack protection

["Milan P. Stanic" <mps@rns-nis.co.yu>]

On Sun, Aug 24, 2003 at 01:40:28PM +1000, Russell Coker wrote:
[...]
> > I agree, but writing secure (not perfectly secure) software may be
> > nearly possible.
> > I don't like to start flame war, but must mention djbdns and qmail.
> 
> Yes, however they have less functionality than the alternatives that most 
> people want to use.
 
Someone could say that for Linux comparing it with WinXX. 

> Also I don't expect DJB to write replacements for dhcpd, dhclient, ftpd, cron, 
Maybe someone else should do that, I hope at least.

[...]
> > That couldn't be solved by SE Linux (or similar code) but just
> > mitigated a little.
> 
> No, it means that a badly written daemon running as UID 0 can not trash your 
> system.  So a sound server that has a bug can at worst play sounds and record 
> sounds in a malicious manner, and refuse to do what it is supposed to do.  
> Much better than allowing it to write to /etc/shadow!
 
If attacker can poison DNS cache or fake DHCP server to do something
nasty then the problem with SE Linux is just mitigated, not solved.

> > I'm not against SE Linux, RSBAC GRSec, LIDS etc. I'm using some them
> > on servers and playing with all of them. I just like to say that putting
> > limits in the (our loved (Debian)/Linux) is not good thing, IMO.
> 
> Why is it a limit? We are not talking about making any of these
> mandatory for Debian users. We want to give them a choice of all of
> the above.

I'm not against choice, I just don't like idea that that stack
protection and similar code could become "mainstream" one day.

P.S.
I appreciate you contribution to Linux (and Debian) security a lot,
and I play with *your* SE Linux host when I have time.