[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: Backport of the integer overflow in the brk system call

Russell Coker wrote:
> On Mon, 8 Dec 2003 23:14, "Julian Mehnle" <lists@mehnle.net> wrote:
> > You cannot verify the IP address *exactly*, but you can verify
> > whether the IP address lies within a range.  Dial-up users could at
> > least register a certain address range, so as to vastly mitigate the
> > attack risk.  Apart from that, as soon as the use of IPv6 broadens,
> > dynamically assigned IP addresses will diminish.
> That will work in some situations, but not in all.

True.  But even though it might not prevent *all* attacks, it will prevent *many*, without incurring additional costs or adding considerable complexity to the Debian Developer apparatus, will it not?

Reply to: