Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds

Henner Eisen (eis@baty.hanse.de)
10 Aug 1998 22:37:41 +0200


Rene Janssen <rjanssen@mailhost.oke.nl> writes:
>
> If you want real security support from Linux we should start from scratch
> and create a secure-linux project. Design a radically different stack
> layout (2 stacks). The first stack with the return adress / registers
> should not be modifyable due to a buffer under or overflow in the second
> stack or in the process heap. This means that you have to pick a CPU that
> supports such a design, modify gcc , libc etc.. Lots of other problems will
> pop up.

I think this 2-stack approach will only protect you against modified
return addresses. An exploit modifying other function pointers won't be
affected.

Henner

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html