Yep, PGP isn't secure either because somebody could guess...
Oh, please! It is _far_ from trivial to get past the patch.
In addition to great skill, an attacker would need great luck.
I wouldn't worry about Linus Torvalds spending years...
The trampoline detection is _not_ a massive hole. Gcc trampolines
are hard for an attacker to produce, in part because the registers
need to be set up right. You can't jump into libc system() either
because the patch maps libc with a '\0' in the address.
The attacker can't try until success, since attempts get logged.
You can have syslogd page you.
> Besides: no one is saying you can't patch your own kernels. But the
> official linux kernel distribution is concerned (rightly) with doing
> things the Right Way, even if it takes a bit longer to get it done.
Actually, this _is_ the Right Way. In theory, the Right Way is
to fix all the applications. Ha, ha, ha! Good luck dude. :-)
You don't even have source to everything, so get that hex editor...
You aren't paranoid enough if you discard imperfect solutions.
This is an imperfect world. I have a whole collection of hacks
that could improve security, most of which break things. It is
harder to write exploit code if argv[n] must be printable ASCII.
People in Europe might scream, but it would be useful here.
(they could still ban at least 65 non-native language characters)
Sick hacks: http://www.cs.uml.edu/~acahalan/linux/obstacles.html
The stack exec patch is without side effects. The /tmp link patch
is nearly without side effects -- and the programs that break are
ones that _should_ break. Both patches appear legal for Unix98.
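The point above about mapping libc at an address containing a '\0' byte can be made concrete. The following is an added example, not code from the original post or from the patch it discusses: it models an i386 little-endian stack frame being smashed by strcpy() and reports what actually lands in the saved return address and in the slot a return-into-libc system() call would read as its argument. The frame layout, the libc and "/bin/sh" addresses, and the pre-attack frame contents are all assumed for illustration. It also shows the one caveat a practitioner should know: strcpy() copies the terminating NUL, so an address whose only zero byte is the last one copied (the most significant byte, in little-endian order) can still be planted as the return address; what cannot be delivered is anything after it, such as the argument system() needs.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Constructed model of a little-endian (i386) stack frame overflowed by
 * strcpy(): BUF_LEN bytes of local buffer, then the saved return address,
 * then the word a return-into-libc system() would treat as its own return
 * address, then the word it would read as its argument. Layout and every
 * address below are illustrative assumptions, not any real program's frame.
 */
#define BUF_LEN   16
#define OFF_RET   (BUF_LEN)
#define OFF_CRET  (BUF_LEN + 4)
#define OFF_ARG   (BUF_LEN + 8)
#define FRAME_LEN (BUF_LEN + 12)

struct smashed_frame {
    uint32_t saved_ret;   /* what the function will return to */
    uint32_t arg0;        /* what system() would see as its argument */
    size_t   copied;      /* bytes strcpy() actually wrote, NUL included */
};

static void put_le32(unsigned char *p, uint32_t v)
{
    p[0] = (unsigned char)(v);
    p[1] = (unsigned char)(v >> 8);
    p[2] = (unsigned char)(v >> 16);
    p[3] = (unsigned char)(v >> 24);
}

static uint32_t get_le32(const unsigned char *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Number of zero bytes in the little-endian encoding of an address. */
int nul_bytes_in_addr(uint32_t addr)
{
    unsigned char b[4];
    int i, n = 0;
    put_le32(b, addr);
    for (i = 0; i < 4; i++)
        if (b[i] == 0) n++;
    return n;
}

/* strcpy() semantics: copy bytes up to and including the first NUL.
   Bytes of dst beyond that point keep their previous contents. */
static size_t simulated_strcpy(unsigned char *dst, const unsigned char *src,
                               size_t src_len)
{
    size_t i;
    for (i = 0; i < src_len; i++) {
        dst[i] = src[i];
        if (src[i] == 0)
            return i + 1;
    }
    return i;
}

/* Overflow the frame with filler + target + fake caller return + argument,
   as an attacker would, and report what actually landed in the frame. */
struct smashed_frame smash(uint32_t target, uint32_t arg)
{
    unsigned char payload[FRAME_LEN];
    unsigned char frame[FRAME_LEN];
    struct smashed_frame r;

    /* Pre-attack frame: a plausible text-segment return address and an
       unrelated pointer in the argument slot (assumed values). */
    memset(frame, 0, sizeof frame);
    put_le32(frame + OFF_RET, 0x08048abcu);
    put_le32(frame + OFF_ARG, 0x0804a010u);

    memset(payload, 'A', BUF_LEN);
    put_le32(payload + OFF_RET, target);
    put_le32(payload + OFF_CRET, 0x41414141u);
    put_le32(payload + OFF_ARG, arg);

    r.copied    = simulated_strcpy(frame, payload, sizeof payload);
    r.saved_ret = get_le32(frame + OFF_RET);
    r.arg0      = get_le32(frame + OFF_ARG);
    return r;
}

/* 1 if both the return address and the argument reached the frame. */
int full_frame_delivered(uint32_t target, uint32_t arg)
{
    struct smashed_frame r = smash(target, arg);
    return r.saved_ret == target && r.arg0 == arg;
}

int main(void)
{
    uint32_t arg = 0xbffff9e0u;   /* assumed address of a "/bin/sh" string */
    uint32_t cases[] = { 0x40012345u, 0x00123456u, 0x00001234u };
    size_t i;
    for (i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        struct smashed_frame r = smash(cases[i], arg);
        printf("target %08x: %d NUL byte(s), copied %zu, ret=%08x arg=%08x -> %s\n",
               (unsigned)cases[i], nul_bytes_in_addr(cases[i]), r.copied,
               (unsigned)r.saved_ret, (unsigned)r.arg0,
               full_frame_delivered(cases[i], arg) ? "full frame" : "truncated");
    }
    return 0;
}
```

With a libc-style target of 0x40012345 (no zero byte) the whole payload, argument included, arrives. With 0x00123456 (zero byte only in the top byte) the return address is written correctly because strcpy() supplies that zero as the terminator, but the argument slot keeps its old value, so a system() reached this way would not get the attacker's string. With 0x00001234 (two zero bytes) even the return address is corrupted, since the copy stops after the first zero and the frame's old high byte remains. The check that matters when choosing a mapping address is therefore how many zero bytes it contains and where they fall, not merely whether one is present.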