From owner-freebsd-security  Wed Nov  4 10:53:58 1998
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id KAA10770
          for freebsd-security-outgoing; Wed, 4 Nov 1998 10:53:58 -0800 (PST)
          (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from phoenix (phoenix.aye.net [206.185.8.134])
          by hub.freebsd.org (8.8.8/8.8.8) with SMTP id KAA10761
          for <FreeBSD-security@FreeBSD.ORG>; Wed, 4 Nov 1998 10:53:53 -0800 (PST)
          (envelope-from brich@aye.net)
Received: (qmail 2461 invoked by uid 7506); 4 Nov 1998 18:52:25 -0000
Received: from localhost (sendmail-bs@127.0.0.1)
  by localhost with SMTP; 4 Nov 1998 18:52:25 -0000
Date: Wed, 4 Nov 1998 13:52:25 -0500 (EST)
From: Barrett Richardson <brich@aye.net>
To: Warner Losh <imp@village.org>
cc: spork <spork@super-g.com>, Andrew McNaughton <andrew@squiz.co.nz>,
        bow <bow@bow.net>, FreeBSD-security@FreeBSD.ORG
Subject: Re: [rootshell] Security Bulletin #25 (fwd) 
In-Reply-To: <199811041720.KAA00555@harmony.village.org>
Message-ID: <Pine.BSF.3.96.981104132918.27745A-100000@phoenix.aye.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org



On Wed, 4 Nov 1998, Warner Losh wrote:

> In message <Pine.BSF.3.96.981104093724.8513B-100000@phoenix.aye.net> Barrett Richardson writes:
> : I recently got the stackguard compiler
> : http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/
> : up and going on my 2.2.7 box. I had high hopes that some definitive
> : info of the SSH exploit would surface so I could test it against
> : something real.
> 
> StackGuard only supports Linux/elf on intel right now.  However, it

I have it up and going on my 2.2.7 box. Been running some stackguard
compiled apps (ssh 1.2.26 for one) and they've been working like a champ.
Wrote a couple of test programs to see if it would catch a canary
overrun, and indeed it does. Did nothing to the sources but twiddle
with dots and underscores. Why would aout vs. elf matter? Are the stack
frames different?

It's been working for me. Did have to build gas. 

--

Barrett

> wouldn't be too hard to add FreeBSD elf to this list.  FreeBSD aout
> would be much harder...
> 
> Warner
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message