Re: protection against buffer overflows

To: debian-security@lists.debian.org
Subject: Re: protection against buffer overflows
From: Vincent <glaume@enseirb.fr>
Date: Sat, 19 Jan 2002 16:11:28 +0100
Message-id: <[🔎] 20020119151128.GB393@sothis.glaume.mds>
Reply-to: glaume@enseirb.fr
In-reply-to: <[🔎] 20020118202016.GF1031@sothis.glaume.mds>
References: <[🔎] 20020118202016.GF1031@sothis.glaume.mds>

Hi all, and thanx for your help on this subject !

So far, I've seen mainly 3 methods to fight against buffer overflows : 
	1/ Kernel-patching oriented methods, to prevent any execution in the
	stack
	2/ Libsafe's overwriting of vulnerable functions, in a lib loaded
	before the libc
	3/ Action at the code level, such as StackGuard or Pavel's suggestion

To my mind, the 3rd way is pretty hard to trust as it would imply to check or
re-build every executable on the machine, to get a full secure stuff... So I
tend to prefer more "system oriented" things.
Libsafe seems quite trustworthy, according to many different sources. Is
anybody here aware of exploits which succed in skipping libsafe's protection ?
Concerning the kernel patches, there's been this discussion about the real
interest of protecting the stack, Linus Torvald claiming it is a "false" way
to solve the buffer overflow problem, and some exploits exist against this, ie
return-into-libc exploits...

So, is anybody aware of possible attacks against these protection methods ?
Mainly against the libsafe, in fact... ?

Thanx for your support !
VG

Reply to:

Follow-Ups:
- Re: protection against buffer overflows
  - From: "Gergely Trifonov" <trifonov@indweb.hu>

References:
- protection against buffer overflows
  - From: Vincent <glaume@enseirb.fr>

Prev by Date: Re: protection against buffer overflows
Next by Date: Re: protection against buffer overflows
Previous by thread: Re: protection against buffer overflows
Next by thread: Re: protection against buffer overflows
Index(es):
- Date
- Thread