Date: Mon, 10 Feb 1997 14:21:36 -0700 From: Warner Losh <imp@village.org> To: Peter Dufault <dufault@hda.com> Cc: tqbf@enteract.com, freebsd-security@freebsd.org Subject: Re: buffer overruns Message-ID: <E0vu3AO-0005Se-00@rover.village.org> In-Reply-To: Your message of "Mon, 10 Feb 1997 07:44:31 EST." <199702101244.HAA08991@hda.hda.com> References: <199702101244.HAA08991@hda.hda.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <199702101244.HAA08991@hda.hda.com> Peter Dufault writes: : is it realistic and doable to require suid programs to be text-execute only? I'm not sure you can do this. You'll need to have the shared libraries mappeded executable, as well as .text section of the program. If you then disallow execution of the stack area and the data area, you might be able to do it. Modulo all those cool tricks that I talked about before. But you still aren't 100% safe. Since pointers to functions can be stored in memory, you are still at risk of a buffer overflow that overwrites one of them that is later jumped to. Just to think of one example. Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E0vu3AO-0005Se-00>