Date: Tue, 12 Aug 2003 04:40:11 -0700 (PDT)
From: Jason Stone
To: security@freebsd.org
Subject: RE: realpath(3) et al

> Protecting against stack smashing is quite important; I think many
> hosting environments not using LISP or other executable-stack-reliant
> packages would benefit from this. By negating the ability to execute
> injected code through a buffer overflow, security is highly increased.

I think that this topic has come up before on the list - please check the
archives before you get into it again.

I think that the consensus has been something along the lines of, it would
be nice, _but_:

1) It requires ugly tricks to implement on i386;

2) It does not canonically stop the exploitation of buffer overruns - yes,
   it stops the current attacks, but the underlying problem that an
   attacker can change the flow of program execution remains;

3) It would break a whole bunch of stuff.

-Jason

--------------------------------------------------------------------------
Freud himself was a bit of a cold fish, and one cannot avoid the suspicion
that he was insufficiently fondled when he was an infant.
    -- Ashley Montagu