From owner-freebsd-hackers Tue Feb 4 17:26:43 2003 Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0165B37B401 for ; Tue, 4 Feb 2003 17:26:43 -0800 (PST) Received: from stork.mail.pas.earthlink.net (stork.mail.pas.earthlink.net [207.217.120.188]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6367643FA7 for ; Tue, 4 Feb 2003 17:26:42 -0800 (PST) (envelope-from tlambert2@mindspring.com) Received: from pool0302.cvx21-bradley.dialup.earthlink.net ([209.179.193.47] helo=mindspring.com) by stork.mail.pas.earthlink.net with asmtp (SSLv3:RC4-MD5:128) (Exim 3.33 #1) id 18gEKc-0000f9-00; Tue, 04 Feb 2003 17:26:30 -0800 Message-ID: <3E4067EE.E4C2D40D@mindspring.com> Date: Tue, 04 Feb 2003 17:25:02 -0800 From: Terry Lambert X-Mailer: Mozilla 4.79 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: Justin Lundy Cc: freebsd-hackers@freebsd.org Subject: Re: [eugene@securityarchitects.com: Re: Preventing exploitation with rebasing] References: <20030204195114.GA92636@cvs.tegatai.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-ELNK-Trace: b1a02af9316fbb217a47c185c03b154d40683398e744b8a415e12dd90610d7195a8371f7b20e0049350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Justin Lundy wrote: > "Add a possibility to add a random offset to the stack on exec. This makes > it slightly harder to write generic buffer overflows. This doesn't really > give any real security, but it raises the bar for script-kiddies and it's > really cheap. It's also security through obscurity. All you have to do to get around it is write PIC and use your own system calls. -- Terry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message