[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian Stable server hacked

On Fri, Aug 22, 2003 at 06:35:37PM -0400, Phillip Hofmeister wrote:
> On Fri, 22 Aug 2003 at 10:32:27AM -0400, Matt Zimmerman wrote:
> > It is often the case that the attacker doesn't know the exact location of
> > structures in memory; there are techniques for finding out.  I'm sure that
> > the authors of PaX do not misrepresent it as complete protection.
> > 
> > It's pointless to argue about it; it's clear that PaX provides some value in
> > protection against security vulnerabilities, and I think it's also clear
> > that because it will break many existing applications, it is not suitable
> > for use by default.  But there is no reason why a PaX-enabled kernel could
> > not be provided as an option.  All it needs is someone willing to do the
> > work (hint, hint).
> 
> I would be willing to maintain a grsec kernel image with PaX and temp.
> file symlink blocking if someone would be willing to sponsor it (hint,
> hint)

Does anyone know when a grsec patch set will be available for 2.6.0t3
or know of one updated to work with 2.4.22rc2?

Yeah, I know, they are still experimental...
Reply to: