Vulnerability Development mailing list archives
Re: C versus other languages,round 538 or so (Re: CGI scripts in sh)
From: Crispin Cowan <crispin () WIREX COM>
Date: Thu, 28 Sep 2000 14:43:37 -0700
Ben Galehouse wrote:
In theory, theory in practice are the same, in practice....
One of my favorite parables :-) Immunix OS http://immunix.org/ offers some solutions to the issues you raise.
In theory, buffer overflows are avoidable and findable. In practice, they keep popping up, often after years of code audit.
This is part of the motive behind StackGuard: a C compiler (gcc extension) that emits programs hardened against buffer overflow attacks. http://immunix.org/stackguard.html (my apologies to those who have heard this song before :-)
In theory, the unix 2-level trust model provides all the security that one could possibly need. In practice, I'd love an easy way to tell the OS to only let a web-browser or email reader access certain files.
This is exactly what SubDomain is designed to do http://immunix.org/subdomain.html We've been ranting about SubDomain for some time, and now it's ready for release. Immunix OS 7.0 will be shipping in time for COMDEX. It will contain: * based on Red Hat 7.0 * StackGuard all C source programs * Format bug protection: using a #define macro hack that enables printf-like functions to count their arguments, so as to detect funny format strings. Idea by Mike Frantzen (Purdue), complete implementation by WireX * SubDomain: kernel enforces which files each program can access StackGuard, as always, is Free Software. The Format hack is implemented as extensions to glibc, so it also is Free Software. SubDomain is a little different: it will be "free beer" software, with terms similar to SSH, i.e. you can have one for free, you can give it to your friends, but it remains proprietary to WireX, and if you want to re-sell it, please license it. Beta code will be announced on the stackguard mailing list. Mail to stackguard-request () immunix org to subscribe. Crispin -- Crispin Cowan, Ph.D. Chief Research Scientist, WireX Communications, Inc. http://wirex.com Free Hardened Linux Distribution: http://immunix.org Olympics: The Corruption Games
Current thread:
- Re: C versus other languages, round 538 or so (Re: CGI scriptsin sh), (continued)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsin sh) Jonathan James (Sep 27)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsin sh) Bluefish (P.Magnusson) (Sep 27)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsinsh) Jonathan James (Sep 27)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsinsh) Bluefish (P.Magnusson) (Sep 27)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsinsh) Jonathan James (Sep 28)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsinsh) Reid Nichol (Sep 29)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsinsh) Adam Clarke (Sep 28)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsin sh) Ben Galehouse (Sep 30)
- Re: C versus other languages, round 538 or so (Re: CGI scripts in sh) Ben Galehouse (Sep 27)
- Re: C versus other languages, round 538 or so (Re: CGI scripts in sh) Jonathan James (Sep 27)
- Re: C versus other languages,round 538 or so (Re: CGI scripts in sh) Crispin Cowan (Sep 28)
- Re: C versus other languages, round 538 or so (Re: CGI scripts in sh) Ryan Masters (Sep 24)
- Re: IP Spoofing with DHCP ? Matthew S. Hallacy (Sep 19)