Re: Debian Stable server hacked
On Fri, Aug 22, 2003 at 06:35:37PM -0400, Phillip Hofmeister wrote:
> On Fri, 22 Aug 2003 at 10:32:27AM -0400, Matt Zimmerman wrote:
> > It is often the case that the attacker doesn't know the exact location of
> > structures in memory; there are techniques for finding out. I'm sure that
> > the authors of PaX do not misrepresent it as complete protection.
> > It's pointless to argue about it; it's clear that PaX provides some value in
> > protection against security vulnerabilities, and I think it's also clear
> > that because it will break many existing applications, it is not suitable
> > for use by default. But there is no reason why a PaX-enabled kernel could
> > not be provided as an option. All it needs is someone willing to do the
> > work (hint, hint).
> I would be willing to maintain a grsec kernel image with PaX and temp.
> file symlink blocking if someone would be willing to sponsor it (hint,
Does anyone know when a grsec patch set will be available for 2.6.0t3
or know of one updated to work with 2.4.22rc2?
Yeah, I know, they are still experimental...