Bugtraq mailing list archives
Re: 2nd Linux kernel patch to remove stack exec
From: reece () TAZ NCEYE NET (Bryan Reece)
Date: Sun, 13 Apr 1997 18:04:30 -0000
Wouldn't it be a better idea to patch crt0 and the function entry and exit code to generate a magic cookie a word or so long at startup, write this cookie just below the return address on entry, and test it before returning, dying horribly if it's not correct anymore? This would seem to prevent all exploits involving strcpy and similar, even those not involving branches to the stack, provided the cookie is unguessable. Something like /dev/urandom would be best, but a hash of pid, gettimeofday, argv, and a compiler-generated seed would be better than nothing. -- I wouldn't touch ActiveX with a 10-foot polecat. I might, however, let one loose on the developers. --cddukes at eos dot ncsu.edu
Current thread:
- Re: 2nd Linux kernel patch to remove stack exec, (continued)
- Re: 2nd Linux kernel patch to remove stack exec Systemkennung Linux (Apr 13)
- more l0phtcrack errata Systemkennung Linux (Apr 13)
- PGP Distributed Attack Aleph One (Apr 14)
- Re: PGP Distributed Attack Perry E. Metzger (Apr 14)
- Re: PGP Distributed Attack Paul C Leyland (Apr 15)
- Juggernaut 1.1 patch G P R (Apr 15)
- Re: PGP Distributed Attack Ubermensch (Apr 14)
- Re: PGP Distributed Attack Tom Guptill (Apr 14)
- Re: 2nd Linux kernel patch to remove stack exec Bernd Schmidt (Apr 14)
- mail bombing ;-) Alain Mellan (Apr 14)
- Re: 2nd Linux kernel patch to remove stack exec Andreas Borchert (Apr 14)