Date: Sun, 19 Jul 1998 17:37:07 -0400 (EDT) From: Alfred <perlsta@fs3.ny.genx.net> To: Brett Glass <brett@lariat.org> Cc: security@FreeBSD.ORG Subject: Re: The 99,999-bug question: Why can you execute from the stack? Message-ID: <Pine.SOL.4.00.9807191735350.28070-100000@fs3.ny.genx.net> In-Reply-To: <199807192047.OAA02264@lariat.lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help
there was a thread about this just a week ago, it was something to do with signals and threads. and breakage of some ancient programs. -Alfred also there was just an announcement about some package to "self-check" executables for stack corruption. On Sun, 19 Jul 1998, Brett Glass wrote: > We're going to be spending about a man-month rebuilding a complex system > that was hacked due to a buffer overflow exploit. Looking back at our > system log files, I can see exactly how the hack was done and how the > perpetrator was able to get root. > > What I CAN'T understand is why FreeBSD allows the hack to occur. Why on > Earth would one want to allow code to be executed from the stack? The Intel > segmentation model normally prevents this, and there's additional hardware > in the MMU that's supposed to be able to preclude it. Why does the OS leave > this gigantic hole open? Why not just close it? > > --Brett Glass > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOL.4.00.9807191735350.28070-100000>