
Re: Debian Stable server hacked



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 22 Aug 2003 at 10:32:27AM -0400, Matt Zimmerman wrote:
> It is often the case that the attacker doesn't know the exact location of
> structures in memory; there are techniques for finding out.  I'm sure that
> the authors of PaX do not misrepresent it as complete protection.
> 
> It's pointless to argue about it; it's clear that PaX provides some value in
> protection against security vulnerabilities, and I think it's also clear
> that because it will break many existing applications, it is not suitable
> for use by default.  But there is no reason why a PaX-enabled kernel could
> not be provided as an option.  All it needs is someone willing to do the
> work (hint, hint).

I would be willing to maintain a grsec kernel image with PaX and temp.
file symlink blocking if someone would be willing to sponsor it (hint,
hint).

- -- 
Phillip Hofmeister

PGP/GPG Key:
http://www.zionlth.org/~plhofmei/
wget -O - http://www.zionlth.org/~plhofmei/key.txt | gpg --import
- --
Excuse #100: We just switched to FDDI. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/Rpq3S3Jybf3L5MQRAqkxAJ96rsDDKGr583UiBxDZEiaPuiS0sACeKD0r
1VLdCtM3Kg1jQ/oztj24NFk=
=mBQL
-----END PGP SIGNATURE-----
