Re: two things

Jon Lewis (jlewis@inorganic5.fdt.net)
Thu, 18 Dec 1997 23:05:55 -0500 (EST)


On Thu, 18 Dec 1997, C. Scott Ananian wrote:

> My understanding is that the current nonexec-stack patch works so well
> because it cleverly disables itself when it detects code that will break.
> Although this does make it compatible, it doesn't make it secure.
> Solutions to these problems have been rumoured for Linux 2.3.X.

That's a compile-time option...one that you (or I) may choose to turn off.
Granted, in this config, it now breaks all trampolines...big deal. I'm
using systems with libc4 and libc5, and have yet to encounter a program
that breaks with trampoline autodetection disabled. Libc6 users are
screwed for now...and I see that as one reason not to upgrade just yet.

> I believe that there were confirmed reports of applications that broke
> using the /tmp patch; it is also not 'standard' POSIX behavior,

I've seen lots of "but you'll go blind" posts, but not a single one that
gave examples except one which made no sense. Again, it's a compile-time
option. It does no harm for probably most systems, and adds yet another
layer of security. Why not make it an option (defaulting to off) in the
standard kernel?

> apparently. Discussion on this list seems to agree that a per-user /tmp
> directory seems to be a better solution, and several implementation ideas
> have been discussed. I expect this will be the ultimate solution

And probably take several months if not years to solve the problem.

------------------------------------------------------------------
Jon Lewis <jlewis@fdt.net> | Unsolicited commercial e-mail will
Network Administrator | be proof-read for $199/message.
Florida Digital Turnpike |
______http://inorganic5.fdt.net/~jlewis/pgp for PGP public key____
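Added example, not part of the original message or of either kernel patch under discussion: it assumes the "/tmp patch" referred to above is the one that stops the kernel following symlinks planted in sticky, world-writable directories, and shows the userland side of the same problem. A private scratch directory stands in for /tmp (so the demo works on a modern kernel with protected_symlinks), a "victim" file plays the target, and a symlink is planted at the predictable temp-file name the program is about to use. The classic O_CREAT|O_TRUNC open follows the link and clobbers the victim; the hardened O_CREAT|O_EXCL|O_NOFOLLOW open refuses with EEXIST and leaves it intact. Names like run_tmp_symlink_demo and app.1234 are invented for the example.

```c
/* Added example (not from the thread): /tmp symlink race, unsafe vs. hardened
   open(2). Scratch dir, victim file and planted link are constructed inline. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#define VICTIM_MAGIC "victim's original contents\n"

/* Era-typical pattern: open a predictable name with O_CREAT|O_TRUNC.
   open() follows a symlink at that name, so a planted link redirects the write.
   Returns 1 if the data was written, 0 on error. */
static int write_predictable_unsafe(const char *path, const char *data)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0)
        return 0;
    ssize_t n = write(fd, data, strlen(data));
    close(fd);
    return n == (ssize_t)strlen(data);
}

/* Hardened pattern: O_EXCL fails if the name exists at all (a symlink counts,
   even a dangling one), O_NOFOLLOW additionally refuses a symlink at the final
   component. Returns 1 on success, 0 on refusal with errno saved in *err. */
static int write_predictable_safe(const char *path, const char *data, int *err)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
    if (fd < 0) {
        *err = errno;
        return 0;
    }
    ssize_t n = write(fd, data, strlen(data));
    close(fd);
    return n == (ssize_t)strlen(data);
}

/* Returns 1 if the victim file still holds its original contents. */
static int victim_intact(const char *path)
{
    char buf[128] = {0};
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return 0;
    ssize_t n = read(fd, buf, sizeof buf - 1);
    close(fd);
    return n >= 0 && strcmp(buf, VICTIM_MAGIC) == 0;
}

/* Writes VICTIM_MAGIC into the (regular) victim file. Returns 1 on success. */
static int reset_victim(const char *path)
{
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0)
        return 0;
    ssize_t n = write(fd, VICTIM_MAGIC, strlen(VICTIM_MAGIC));
    close(fd);
    return n == (ssize_t)strlen(VICTIM_MAGIC);
}

struct demo_result {
    int setup_ok;          /* 0 if the scratch directory could not be built */
    int unsafe_clobbered;  /* 1 if the O_TRUNC writer overwrote the victim */
    int safe_refused;      /* 1 if the O_EXCL|O_NOFOLLOW writer refused */
    int safe_errno;        /* errno from that refusal (EEXIST expected) */
    int victim_after_safe; /* 1 if the victim survived the hardened attempt */
};

/* Builds the scenario in a private directory (stand-in for /tmp), runs both
   writers against the planted link, cleans up, and reports what happened. */
static struct demo_result run_tmp_symlink_demo(void)
{
    struct demo_result r = {0};
    char dir[] = "/tmp/tmpdemo.XXXXXX";
    if (!mkdtemp(dir)) {                  /* fall back to the cwd if /tmp is unusable */
        strcpy(dir, "./tmpdemo.XXXXXX");
        if (!mkdtemp(dir))
            return r;
    }
    char victim[256], planted[256];
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(planted, sizeof planted, "%s/app.1234", dir);  /* hypothetical predictable name */

    /* Attacker wins the race: link planted before the program opens its temp file. */
    if (!reset_victim(victim) || symlink(victim, planted) != 0) {
        unlink(victim); rmdir(dir);
        return r;
    }
    r.setup_ok = 1;

    write_predictable_unsafe(planted, "attacker-chosen data\n");
    r.unsafe_clobbered = !victim_intact(victim);

    reset_victim(victim);
    r.safe_refused = !write_predictable_safe(planted, "attacker-chosen data\n", &r.safe_errno);
    r.victim_after_safe = victim_intact(victim);

    unlink(planted); unlink(victim); rmdir(dir);
    return r;
}

int main(void)
{
    struct demo_result r = run_tmp_symlink_demo();
    printf("setup_ok=%d unsafe_clobbered=%d safe_refused=%d (%s) victim_after_safe=%d\n",
           r.setup_ok, r.unsafe_clobbered, r.safe_refused, strerror(r.safe_errno),
           r.victim_after_safe);
    return 0;
}
```

The kernel-side patch closes the same hole for programs that cannot be fixed, by refusing to follow a link in a +t directory unless it belongs to the follower or the directory owner; the O_EXCL|O_NOFOLLOW pattern (or mkstemp(3), which does the O_EXCL part for you) is what a program should do regardless of which kernel it lands on.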