Date: Wed, 24 Jun 1998 15:09:30 +0100 From: njs3@doc.ic.ac.uk (Niall Smart) To: Nicholas Charles Brawn <ncb05@uow.edu.au>, security@FreeBSD.ORG Subject: Re: non-executable stack? Message-ID: <E0yoqEs-0002io-00@oak67.doc.ic.ac.uk> In-Reply-To: Nicholas Charles Brawn <ncb05@uow.edu.au> "non-executable stack?" (Jun 20, 9:21pm)
next in thread | previous in thread | raw e-mail | index | archive | help
On Jun 20, 9:21pm, Nicholas Charles Brawn wrote: } Subject: non-executable stack? > I was pondering the following after reading about solaris 2.6's > non-executable stack option. > > 1. How feasible is it to implement a non-executable stack kernel option? > 2. If it *is* feasible, what do people think of a sysctl-based interface > to enable/disenable it? > 3. If both 1 & 2 were implemented, how about making it impossible to > disenable at say.. securelevel >= 1? > > If I remember the discussions on bugtraq right, a non-exec patch isn't a > cure-all for buffer overflow attacks. However it would be an overall > security enhancement and prevent many script-based attacks. It would be nice to have a filesystem non-executable-stack flag so that it could be enabled/disabled on a per file basis. Another option would be to only turn it on for set[ug]id executables. There are a number of other "features" like this that would be useful, for example the ability to specify that only printable ascii characters can appear in the arguments or environment of a process before it can exec another. I haven't checked if its possible to write shellcode using just plain ascii characters, if you can then this is obviously worthless, but I'd be surprised if it's possible. Niall To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?E0yoqEs-0002io-00>