The OpenBSD guys have been working on closing buffer overflow holes.
Slashdot has this pointer to a msg from Theo de Raadt:
http://groups.google.com/groups?selm=b1aq2h%242q9g%241%40FreeBSD.csie.NCTU.edu.tw&output=gplain
In the last while, a couple of people in OpenBSD have
been putting some buffer overflow "solutions" into our
source tree; under my continual prodding. I thought I
would summarize some of these and how they fit together,
since what I have seen written up so far has been
wildly inaccurate. (Bad reporter, no cookie).
These are, in short form:
1) PROT_* purity
2) W^X
3) .rodata
4) propolice
...
I like the idea of turning off execute permission on the stack pages.
PEK
---- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Mar 15 2003 - 22:00:23 EST