Re: Stack Smashing and no-exec

Chip Salzenberg (chip@perl.org)
Fri, 7 Aug 1998 17:48:48 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Albert D. Cahalan: "Re: DEVFSv50 and /dev/fb? (or /dev/fb/? ???)"
Previous message: Stephen Frost: "Re: DEVFSv50 and /dev/fb? (or /dev/fb/? ???)"
Next in thread: H. Peter Anvin: "Re: DEVFSv50 and /dev/fb? (or /dev/fb/? ???)"
Reply: H. Peter Anvin: "Re: DEVFSv50 and /dev/fb? (or /dev/fb/? ???)"
Reply: Alan Cox: "Re: DEVFSv50 and /dev/fb? (or /dev/fb/? ???)"

According to Kragen:
> You say "poorly written". The trouble is, essentially all setuid
> programs or as-root-running daemons are poorly-written enough to have
> buffer-overflows in them. The only one I know about that hasn't had
> them yet is qmail-lspawn.

Perl 5.004? It's the first version I worked on; I think we got them
all excised. OTOH, we had to reimplement sprintf() to do it.

-- Chip Salzenberg - a.k.a. - <chip@perlsupport.com> "Take it to the bridge, Sinbad! ... drop it in the water ..." //MST3K

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html

Next message: Albert D. Cahalan: "Re: DEVFSv50 and /dev/fb? (or /dev/fb/? ???)"
Previous message: Stephen Frost: "Re: DEVFSv50 and /dev/fb? (or /dev/fb/? ???)"
Next in thread: H. Peter Anvin: "Re: DEVFSv50 and /dev/fb? (or /dev/fb/? ???)"
Reply: H. Peter Anvin: "Re: DEVFSv50 and /dev/fb? (or /dev/fb/? ???)"
Reply: Alan Cox: "Re: DEVFSv50 and /dev/fb? (or /dev/fb/? ???)"