From owner-freebsd-security Thu Jan 3 10:47:34 2002 Delivered-To: freebsd-security@freebsd.org Received: from mile.nevermind.kiev.ua (freebsddiary.org.ua [213.186.199.26]) by hub.freebsd.org (Postfix) with ESMTP id D27F037B41A; Thu, 3 Jan 2002 10:47:27 -0800 (PST) Received: (from never@localhost) by mile.nevermind.kiev.ua (8.11.6/8.11.4) id g03InFV43534; Thu, 3 Jan 2002 20:49:15 +0200 (EET) (envelope-from never) Date: Thu, 3 Jan 2002 20:49:14 +0200 From: Nevermind To: Rob Andrews Cc: freebsd-security@FreeBSD.ORG, freebsd-ports@FreeBSD.ORG Subject: Re: libsafe? Message-ID: <20020103204914.A43401@nevermind.kiev.ua> References: <200201021122.27596@cyberpunkz.org> <200201021319.35424@cyberpunkz.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200201021319.35424@cyberpunkz.org>; from rob@cyberpunkz.org on Wed, Jan 02, 2002 at 01:26:25PM -0600 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, Rob Andrews! On Wed, Jan 02, 2002 at 01:26:25PM -0600, you wrote: > and yes I realize libparanoid is in the ports. Note the differences between > libsafe and libparanoid.. (sorry I've gotten a few replies and yes I know > about it. but its not similar in _how_ it handles doing the same thing that > libsafe is doing) I've talked to Snar(@paranoia.ru) few days ago here, and he explained me why his approach is better then trying to handle "correctly" such things. I suppose when your app is being attacked with some of buffer overflow or anything else similar to it, it is better to shutdown to prevent any further attempts and report failure to administrator rather then not knowing that app is vulnerable to buf.overflow. Also, you cannot be absolutely sure of any way of "correct" handling such situation. P.S. 2 snar: please, correct me if I wrong. -- NEVE-RIPE To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message