From owner-freebsd-hackers  Thu Jun 20 23:52:18 2002
Delivered-To: freebsd-hackers@freebsd.org
Received: from warez.scriptkiddie.org (uswest-dsl-142-38.cortland.com [209.162.142.38])
	by hub.freebsd.org (Postfix) with ESMTP id A76DF37B405
	for <freebsd-hackers@freebsd.org>; Thu, 20 Jun 2002 23:52:12 -0700 (PDT)
Received: from [192.168.69.11] (unknown [192.168.69.11])
	by warez.scriptkiddie.org (Postfix) with ESMTP
	id 9316C62D1A; Thu, 20 Jun 2002 23:52:11 -0700 (PDT)
Date: Thu, 20 Jun 2002 23:57:21 -0700 (PDT)
From: Lamont Granquist <lamont@scriptkiddie.org>
To: Kris Kennaway <kris@obsecurity.org>
Cc: Patrick Thomas <root@utility.clubscholarship.com>,
	<freebsd-hackers@freebsd.org>
Subject: Re: inuring FreeBSD to the apache bug without upgrading apache ?
In-Reply-To: <20020620192839.A72755@xor.obsecurity.org>
Message-ID: <20020620235248.L567-100000@coredump.scriptkiddie.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-hackers.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-hackers>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-hackers>
X-Loop: FreeBSD.ORG


I think that libsafe would "protect" against this bug to at least prevent
against any possible malicious code execution.  I think it still leaves
the DoS possibility open though...  Even some kind of non-exec stack
protection patched into FBSD would only generate a SEGV if it got
triggered[*].  Very hard to stop the DoS.

[*] and yes does nothing to prevent against malicious code execution
attacks on x86 architecture either, only obscures...


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message