From owner-freebsd-questions@FreeBSD.ORG Sat Aug 14 23:44:12 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E8ACE16A4CE for ; Sat, 14 Aug 2004 23:44:12 +0000 (GMT) Received: from dns11.mail.yahoo.co.jp (dns11.mail.yahoo.co.jp [210.81.151.144]) by mx1.FreeBSD.org (Postfix) with SMTP id 1C32543D1F for ; Sat, 14 Aug 2004 23:44:12 +0000 (GMT) (envelope-from ayakokiko@ybb.ne.jp) Received: from unknown (HELO gorgon.near.this) (219.11.234.11 with poptime) by dns11.mail.yahoo.co.jp with SMTP; 14 Aug 2004 23:44:10 -0000 X-Apparently-From: Received: from hydra.near.this (hydra.near.this [10.0.3.20]) by gorgon.near.this (Postfix) with ESMTP id 77F567F24; Sun, 15 Aug 2004 08:44:03 +0900 (JST) Received: by hydra.near.this (Postfix, from userid 100) id A620B9842; Sun, 15 Aug 2004 08:44:02 +0900 (JST) Date: Sun, 15 Aug 2004 08:44:02 +0900 From: horio shoichi To: Siddhartha Jain In-Reply-To: <411E082F.4020600@netmagicsolutions.com> References: <411E082F.4020600@netmagicsolutions.com> X-Mailer: Sylpheed-Claws 0.9.12 (GTK+ 1.2.10; i386-portbld-freebsd4.9) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Message-Id: <20040814.234402.3a8fde0951d524e9.10.0.3.20@bugsgrief.net> cc: freebsd-questions@freebsd.org Subject: Re: propolice patch on 4.10 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 14 Aug 2004 23:44:13 -0000 On Sat, 14 Aug 2004 18:10:15 +0530 Siddhartha Jain wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hello, > > I wanted the propolice protection for my 4.10 FreeBSD install. So I > downloaded the latest available propolice patch (for 4.8) and patched > the source (seemed to go ok). Now after going thru the entire rebuild > process, how do I verify that the propolice thing is active and fine? > > > thanks, > > Siddhartha > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.1 (MingW32) > Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org > > iD8DBQFBHgguOGaxOP7knVwRAs5DAJ428pXMgtLhqdPWdQIG7jp3FyaAFwCfTV0L > TjWCWx5GeRDAZGBuDLBbQFk= > =xoKI > -----END PGP SIGNATURE----- > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > Following code (and the instruction) has been snatched from somewhere discussing Solaris propolice. If you need the credibility, or better solution please search them yourself. % cat test-propolice.c /* test-propolice.c */ #define OVERFLOW "This is longer than 10 bytes" int main (int argc, char *argv[]) { char buffer[10]; strcpy(buffer, OVERFLOW); return 0; } % cc test-propolice.c % ./a.out Abort (core dumped) % tail -2 /var/log/messages Aug 15 08:15:48 hydra a.out: stack overflow in function main Aug 15 08:15:48 hydra /kernel: pid 75040 (a.out), uid 100: exited on signal 6 (core dumped) % cc -fno-stack-protector test-propolice.c % ./a.out Segmentation fault (core dumped) % tail -3 /var/log/messages Aug 15 08:15:48 hydra a.out: stack overflow in function main Aug 15 08:15:48 hydra /kernel: pid 75040 (a.out), uid 100: exited on signal 6 (core dumped) Aug 15 08:19:05 hydra /kernel: pid 75051 (a.out), uid 100: exited on signal 11 (core dumped) % Above test is done on 4.9-STABLE. Note the propolice produced messages: o "Abort" on terminal, and o "stack overflow" in log file. horio shoichi