Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 18 May 2001 21:13:01 -0400
From:      Mixtim <mixtim@home.com>
To:        Hiroaki Etoh <etoh@trl.ibm.co.jp>
Cc:        security@FreeBSD.ORG
Subject:   Re: Base system with gcc stack-smashing protector
Message-ID:  <20010518211301.A53682@home.com>
In-Reply-To: <20010519093227T.etoh@trl.ibm.com>; from etoh@trl.ibm.co.jp on Sat, May 19, 2001 at 09:32:27AM %2B0900
References:  <20010519093227T.etoh@trl.ibm.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, May 19, 2001 at 09:32:27AM +0900, Hiroaki Etoh wrote:
> At last, I have completed GCC extension for protectiong applications
> against stack smashing attack. It works on Intel x86 processor and IBM
> powerpc.   

Have you seen Phrack Magazine issue 56, article 5? The title is "Bypassing
StackGuard and StackShield."

  "This article is an attempt to demonstrate that it is possible to
   exploit stack overflow vulnerabilities on systems secured by
   StackGuard or StackShield even in hostile environments (such as when
   the stack is non-executable)."
   
Does your patch address their concerns?

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010518211301.A53682>