Date: Mon, 29 Oct 2001 19:59:58 +0100
From: "G.P. de Boer" <g.p.de.boer@st.hanze.nl>
To: freebsd-security@freebsd.org
Subject: Re: BUFFER OVERFLOW EXPLOITS
Message-ID: <5.1.0.14.0.20011029195304.01ef4e58@10.0.0.1>
In-Reply-To: <3BDD11C8.4746A7BD@2113.ch>
References: <Pine.BSF.4.21.0110281500030.6086-100000@lhotse.zaraska.dhs.org>

At 09:22 29-10-2001, Luc wrote:
>Can one confirm we may prevent FreeBSD buffer overflow
>using this document:
>
>"GCC extension for protecting applications from stack-smashing attacks"
>http://www.trl.ibm.com/projects/security/ssp/
>
>Why isn't FreeBSD built with such extension (by default) ?

There's something in the ports that might be interesting concerning this:

/usr/ports/security/libparanoia

From the pkg-descr:

"This is a library, which contains a safe reincarnations of
strcpy/strcat/sprintf and some other functions, which is known to be a
source to 99% of stack smashing attacks since Morrison Worm."

and:

"WWW: http://www.lexa.ru/snar/libparanoia/"

Those kinds of protections might help against the standard exploits, however
I'm quite certain a skilled person will still be able to exploit
buffer overflow bugs.

----
GP. de Boer ( g.p.de.boer@st.hanze.nl )