From owner-freebsd-hackers Sun Feb 13 14:22:57 2000 Delivered-To: freebsd-hackers@freebsd.org Received: from foobar.franken.de (foobar.franken.de [194.94.249.81]) by builder.freebsd.org (Postfix) with ESMTP id 0CDE34096 for ; Sun, 13 Feb 2000 14:22:51 -0800 (PST) Received: (from logix@localhost) by foobar.franken.de (8.8.8/8.8.5) id XAA17030; Sun, 13 Feb 2000 23:22:59 +0100 (CET) Message-ID: <20000213232258.A16994@foobar.franken.de> Date: Sun, 13 Feb 2000 23:22:58 +0100 From: Harold Gutch To: Dru Nelson , freebsd-hackers@FreeBSD.ORG Subject: Re: sysctl for stack execute? References: <38A7224A.580D21BE@egroups.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93.2i In-Reply-To: <38A7224A.580D21BE@egroups.net>; from Dru Nelson on Sun, Feb 13, 2000 at 01:29:46PM -0800 Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, Feb 13, 2000 at 01:29:46PM -0800, Dru Nelson wrote: > > Is there a sysctl for FreeBSD which prevents execution in > the stack segment? (ie. to prevent attacks from getting root) > I'm using 3.4R. Atsuo Ohki sent a mail to -hackers on Feb 05 with a kernel-patch doing exactly this. The subject of the mail was "some guard against stack overflow attack". There were some problems with it though, like it breaking KLDs (read the reply by Matt Dillon). bye, Harold -- Someone should do a study to find out how many human life spans have been lost waiting for NT to reboot. Ken Deboy on Dec 24 1999 in comp.unix.bsd.freebsd.misc To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message