Re: executable stacks, a few suggestions

Mark H. Wood (mwood@mhw.OIT.IUPUI.EDU)
Wed, 23 Apr 1997 13:04:51 -0500 (EST)


On Mon, 14 Apr 1997, Ingo Molnar wrote:

>
> On Mon, 14 Apr 1997 solar@sun1.ideal.ru wrote:
[deletia]
> > What about daemons? These are even more important, and, as I'm going to
> > explain when posting the final patch, removed stack execution permission
> > is possible to bypass in less cases when exploiting remotely than locally.
>
> Generally i would solve these types of problems by putting an extra label
> onto the executable, which says 'danger, turn stack execution off totally,
> except for signal handlers'. I would >force< daemons which are not coded
> properly to go down and die. [but one could define a more lax category
> too, with the GFP handler solution, a matter of taste].

Second the motion. The real problem is buggy user-mode code, and finding
and squashing the bugs should be done even if Linux' guts are armored against
them.

Mark H. Wood, Lead System Programmer MWOOD@INDYVAX.IUPUI.EDU
Those who will not learn from history are doomed to reimplement it.