Re: about buffer overflow.

From: Barry K. Nathan (barryn@pobox.com)
Date: Mon May 19 2003 - 01:22:24 EST


On Mon, May 19, 2003 at 03:00:47AM +0300, Halil Demirezen wrote:
> yes that is interesting, however, what i want to learn, clearly, is
> this patch available from 2.4.20-rc1 at every default linux kernel
> from this moment on?

It (ExecShield0 is *not* in the mainline kernel at this time. I don't
know when (or even if) it'll be added to the mainline kernels either.

Red Hat's Rawhide kernels (2.4.20-1.1990 for example) seem to have it,
but those are experimental kernels that are not for production use. I
guess time will tell whether Red Hat ships ExecShield by default in
their next release.

BTW, another option is the pageexec ("PaX") patch:
http://pageexec.virtualave.net/ (warning: this page has pop-up windows)

and that's integrated into a more comprehensive security patch,
grsecurity:
http://www.grsecurity.net/

-Barry K. Nathan <barryn@pobox.com>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Fri May 23 2003 - 22:00:32 EST