> Khimenko Victor wrote:
> >
> > In <38673F5C.1010C79A@katren.ru> Mike Karmyshev (mike@katren.ru) wrote:
> > > Hello.
> > > I've recently played a bit with Solar Designer's patch and it looks that
> > > it doesn't have any
> > > significant overhead. Shoudn't it be in the kernel by default(at
> > > least,SECURE_STACK)?
> >
> > Last time when this question was raised was more then year ago (if I recall
> > correctly) and Linus said that his feeling about unexecutable stack is that
> > it does not make exploits impossible but insted give you false sense of safety.
> > So answer is "no". You can add such patch by hands if you wish...
>
> And it would prevent anything from working which is emplying the stack
> as a trampoline to pass around ... guess what ... for example thrown
> exceptions.
>
The notion of a secure stack implies that you get some kind of security
by making the stack non-executable. This theory has, to the best on
my knowledge, never been shown to have merit, much less proof. The
old games of loading executable opcodes into local data on the stack,
overwriting the return address with that data (to point to the code
you want to execute), then causing an exception (stack overrun) to
make it happen, are not something you could encounter with the current
network daemons.
You would need a local account, with root access, to even experiment.
Cheers,
Dick Johnson
Penguin : Linux version 2.3.13 on an i686 machine (400.59 BogoMips).
Warning : The end of the world as we know it requires a new calendar.
Seconds : 370066 (until Y2K)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/