Date: Sun, 19 Jul 1998 14:47:25 -0600
From: Brett Glass <brett@lariat.org>
To: security@FreeBSD.ORG
Subject: The 99,999-bug question: Why can you execute from the stack?
Message-ID: <199807192047.OAA02264@lariat.lariat.org>

We're going to be spending about a man-month rebuilding a complex system that was hacked due to a buffer overflow exploit. Looking back at our system log files, I can see exactly how the hack was done and how the perpetrator was able to get root.

What I CAN'T understand is why FreeBSD allows the hack to occur. Why on Earth would one want to allow code to be executed from the stack? The Intel segmentation model normally prevents this, and there's additional hardware in the MMU that's supposed to be able to preclude it.

Why does the OS leave this gigantic hole open? Why not just close it?

--Brett Glass