Bugtraq mailing list archives
Re: 2nd Linux kernel patch to remove stack exec
From: solar () SUN1 IDEAL RU (Solar Designer)
Date: Sun, 13 Apr 1997 17:43:04 -0300
Hello.
Objective C uses trampolines, also. GNU libc 2.0 uses trampolines ...
It's not really a problem -- everything should run just fine with my patch. However, the patch will not prevent buffer overflow exploits for those programs that use trampolines. This means that as long as libc5 is being used, most (if not all) privileged processes will have stack execution permission disabled. :) As for glibc, maybe it is time to change it not to use trampolines?
Admited trampolines are a stupid idea because their performance sucks on many architectures.
AFAIK, they will cause some overhead for maintaining L1 code and data caches coherency, since the stack frame is usually in the data cache -- resulting in bad performance. Signed, Solar Designer
Current thread:
- Re: [LINUX] IP_MASQ / Ethernet Passing Traffic After Halt Miquel van Smoorenburg (Apr 12)
- Re: [LINUX] IP_MASQ / Ethernet Passing Traffic After Halt Alan Cox (Apr 13)
- [ANNOUNCE]: ipfilter for FreeBSD2.2.x + FreeBSD3.0-current Julian Assange (Apr 13)
- Re: [ANNOUNCE]: ipfilter for FreeBSD2.2.x + FreeBSD3.0-current Perry E. Metzger (Apr 13)
- 2nd Linux kernel patch to remove stack exec Solar Designer (Apr 13)
- Re: 2nd Linux kernel patch to remove stack exec Systemkennung Linux (Apr 13)
- Re: 2nd Linux kernel patch to remove stack exec Solar Designer (Apr 13)
- Re: 2nd Linux kernel patch to remove stack exec Systemkennung Linux (Apr 13)
- Re: 2nd Linux kernel patch to remove stack exec David S. Miller (Apr 13)
- Re: 2nd Linux kernel patch to remove stack exec Systemkennung Linux (Apr 13)
- Re: 2nd Linux kernel patch to remove stack exec Systemkennung Linux (Apr 13)
- more l0phtcrack errata Systemkennung Linux (Apr 13)
- PGP Distributed Attack Aleph One (Apr 14)
- Re: PGP Distributed Attack Perry E. Metzger (Apr 14)
- Re: PGP Distributed Attack Paul C Leyland (Apr 15)
- Juggernaut 1.1 patch G P R (Apr 15)
- Re: PGP Distributed Attack Ubermensch (Apr 14)
- Re: PGP Distributed Attack Tom Guptill (Apr 14)