From owner-freebsd-security Mon Oct 29 11: 0:31 2001 Delivered-To: freebsd-security@freebsd.org Received: from thedarkside.nl (cc31301-a.assen1.dr.nl.home.com [213.51.66.128]) by hub.freebsd.org (Postfix) with ESMTP id 8FAE637B407 for ; Mon, 29 Oct 2001 11:00:10 -0800 (PST) Received: (from root@localhost) by thedarkside.nl (8.11.6/8.11.6) id f9TJ04743900 for freebsd-security@freebsd.org; Mon, 29 Oct 2001 20:00:04 +0100 (CET) (envelope-from g.p.de.boer@st.hanze.nl) Received: from kilmarnock.st.hanze.nl (kilmarnock [10.0.0.2]) by thedarkside.nl (8.11.6/8.11.6av) with ESMTP id f9TJ00B43892 for ; Mon, 29 Oct 2001 20:00:00 +0100 (CET) (envelope-from g.p.de.boer@st.hanze.nl) Message-Id: <5.1.0.14.0.20011029195304.01ef4e58@10.0.0.1> X-Sender: 125105@pop5.st.hanze.nl X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Mon, 29 Oct 2001 19:59:58 +0100 To: freebsd-security@freebsd.org From: "G.P. de Boer" Subject: Re: BUFFER OVERFLOW EXPLOITS In-Reply-To: <3BDD11C8.4746A7BD@2113.ch> References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Virus-Scanned: by AMaViS perl-10 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 09:22 29-10-2001, Luc wrote: >Can one confirm we may prevent FreeBSD buffer overflow >using this document: > >"GCC extension for protecting applications from stack-smashing attacks" >http://www.trl.ibm.com/projects/security/ssp/ > >Why isn't FreeBSD built with such extension (by default) ? There's something in the ports that might be interesting concerning this: /usr/ports/security/libparanoia From the pkg-descr: "This is a library, which contains a safe reincarnations of strcpy/strcat/sprintf and some other functions, which is known to be a source to 99% of stack smashing attacks since Morrison Worm." and: "WWW: http://www.lexa.ru/snar/libparanoia/" Those kind of protections might help against the standard exploits, however I'm quite certain a skilled person will still be able to exploit bufferoverflow-bugs. ---- GP. de Boer ( g.p.de.boer@st.hanze.nl ) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message