Date: Tue, 4 Feb 2003 11:51:14 -0800 From: Justin Lundy <jbl@cvs.tegatai.com> To: freebsd-hackers@freebsd.org Subject: [eugene@securityarchitects.com: Re: Preventing exploitation with rebasing] Message-ID: <20030204195114.GA92636@cvs.tegatai.com>
next in thread | raw e-mail | index | archive | help
Has similar work been done in FreeBSD been done? This would be a nice feature in 5.0-CURRENT. We had SecureBSD, and the IBM port of propolice, but both projects appear to be defunct at present. If we can integrate MAC into the kernel, why not port over OpenBSD's rebasing implementation from /src/sys/kern/kern_exec.c? --jbl ----- Forwarded message from Eugene Tsyrklevich <eugene@securityarchitects.com> ----- Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm Precedence: bulk List-Id: <bugtraq.list-id.securityfocus.com> List-Post: <mailto:bugtraq@securityfocus.com> List-Help: <mailto:bugtraq-help@securityfocus.com> List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com> List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com> Delivered-To: mailing list bugtraq@securityfocus.com Delivered-To: moderator for bugtraq@securityfocus.com Date: Tue, 4 Feb 2003 03:34:32 -0800 From: Eugene Tsyrklevich <eugene@securityarchitects.com> To: David Litchfield <david@ngssoftware.com> Subject: Re: Preventing exploitation with rebasing User-Agent: Mutt/1.2.5i In-Reply-To: <006b01c2cc0b$78d7cb70$2501010a@recovery>; from david@ngssoftware.com on Mon, Feb 03, 2003 at 09:08:35PM -0800 > Rebasing > ******* > The problem with operating systems is that they all have pretty much the > same "genetic code" which makes each and every one of them vulnerable to a > new exploit. So we need to make them different and this can be achieved > through rebasing. Rebasing is the process of changing the Image Base of an > image file. By doing this the DLL/EXE is loaded into a different location in > the virtual address space. Similar idea, applied to the location of stack, was implemented in OpenBSD. This is from OpenBSD CVS (August 2001): "Add a possibility to add a random offset to the stack on exec. This makes it slightly harder to write generic buffer overflows. This doesn't really give any real security, but it raises the bar for script-kiddies and it's really cheap. The range of the random offsets is controlled by the sysctl kern.stackgap_random (must be a power of 2)." http://www.openbsd.org/cgi-bin/cvsweb/src/sys/kern/kern_exec.c.diff?r1=1.54&r2=1.55 ----- End forwarded message ---- - To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030204195114.GA92636>