From owner-freebsd-security  Mon Oct 29 10:48:36 2001
Delivered-To: freebsd-security@freebsd.org
Received: from silby.com (cb34181-a.mdsn1.wi.home.com [24.14.173.39])
	by hub.freebsd.org (Postfix) with ESMTP id 8DB7637B401
	for <freebsd-security@FreeBSD.ORG>; Mon, 29 Oct 2001 10:48:31 -0800 (PST)
Received: (qmail 1354 invoked by uid 1000); 29 Oct 2001 18:48:30 -0000
Received: from localhost (sendmail-bs@127.0.0.1)
  by localhost with SMTP; 29 Oct 2001 18:48:30 -0000
Date: Mon, 29 Oct 2001 12:48:30 -0600 (CST)
From: Mike Silbersack <silby@silby.com>
To: Matt Piechota <piechota@argolis.org>
Cc: Luc <luc@2113.ch>, <freebsd-security@FreeBSD.ORG>,
	Krzysztof Zaraska <kzaraska@student.uci.agh.edu.pl>
Subject: Re: BUFFER OVERFLOW EXPLOITS
In-Reply-To: <20011029133604.D17640-100000@cithaeron.argolis.org>
Message-ID: <20011029124352.K1182-100000@achilles.silby.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org


On Mon, 29 Oct 2001, Matt Piechota wrote:

> On Mon, 29 Oct 2001, Luc wrote:
>
> > Can one confirm we may prevent FreeBSD buffer overflow
> > using this document:
> >
> > "GCC extension for protecting applications from stack-smashing attacks"
> > http://www.trl.ibm.com/projects/security/ssp/
> >
> > Why isn't FreeBSD built with such extension (by default) ?
>
> MY first though would be that it "add applictation code at compile time"
> which would slow the system down to a certian degree, and it seems to be
> somewhat beta, so you may run into bugs.  Be interesting to try though
> (they have instructions to build FreeBSD using it).
>
> On the other hand, stack overflows are generally due to sloppy
> programming, so adding code and overhead to facilitate being lazy seems to
> be the wrong way to attack a problem.
>
> --
> Matt Piechota

Maintaining the patch as gcc is upgraded is the core issue; the efficiency
vs safety issue could be addressed by a flag during buildworld.

I started work on taking the existing gcc port and adding in the patch
listed above; it seemed to work well, but I'm not sure how well I'd be
able to keep it up to date.

Mike "Silby" Silbersack


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message