Date: Wed, 4 Nov 1998 13:52:25 -0500 (EST) From: Barrett Richardson <brich@aye.net> To: Warner Losh <imp@village.org> Cc: spork <spork@super-g.com>, Andrew McNaughton <andrew@squiz.co.nz>, bow <bow@bow.net>, FreeBSD-security@FreeBSD.ORG Subject: Re: [rootshell] Security Bulletin #25 (fwd) Message-ID: <Pine.BSF.3.96.981104132918.27745A-100000@phoenix.aye.net> In-Reply-To: <199811041720.KAA00555@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 4 Nov 1998, Warner Losh wrote: > In message <Pine.BSF.3.96.981104093724.8513B-100000@phoenix.aye.net> Barrett Richardson writes: > : I recently got the stackguard compiler > : http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/ > : up and going on my 2.2.7 box. I had high hopes that some definitive > : info of the SSH exploit would surface so I could test it against > : something real. > > StackGuard only supports Linux/elf on intel right now. However, it I have it up and going on my 2.2.7 box. Been running some stackguard compiled apps (ssh 1.2.26 for one) and they've been working like a champ. Wrote a couple of test programs to see if it would catch a canary overrun, and indeed it does. Did nothing to the sources but twiddle with dots and underscores. Why would aout vs. elf matter? Are the stack frames different? It's been working for me. Did have to build gas. -- Barrett > wouldn't be too hard to add FreeBSD elf to this list. FreeBSD aout > would be much harder... > > Warner > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.981104132918.27745A-100000>