Re: Unexecutable Stack / Buffer Overflow Exploits...

Robert Dinse (nanook@eskimo.com)
Wed, 29 Dec 1999 05:56:31 -0800 (PST)


On Wed, 29 Dec 1999, Gregory Maxwell wrote:

> Date: Wed, 29 Dec 1999 08:36:25 -0500 (EST)
> From: Gregory Maxwell <greg@linuxpower.cx>
> To: Horst von Brand <vonbrand@pincoya.inf.utfsm.cl>
> Cc: Robert Dinse <nanook@eskimo.com>, linux-kernel@vger.rutgers.edu
> Subject: Re: Unexecutable Stack / Buffer Overflow Exploits...
>
> On Wed, 29 Dec 1999, Horst von Brand wrote:
>
> [snip]
> > Where do you think script kiddies get their exploit scripts from? They
> > don't write them themselves: The real crackers share them with the
> > community. Just like the hacker community shares patches and cool
> > programs. So you can keep out 99.99% only until one of the 0.01% finds out
> > a way around it. The danger of "nonexecutable stack" is that it creates a
> > sense of security, which might be justified as long as it is rare. Once it
> > becomes widespread, it will be useless in short time, and _everybody_ will
> > have to pay the cost for nothing at all, while feeling smugly secure.
>
> Here is where the real argument lives.
>
> You are claiming that the patch adds no real security. You claim it does
> nothing more than moving to a non-popular arch would do.
>
> I disagree. The patch actually makes creating this type of attack much
> harder, and in some cases impossible.
>
> The effectiveness of this patch comes from two places:
>
> A) It's rare and breaks all existing attacks.
> B) It actually makes that class of attack harder to accomplish.
>
> Just because A will go away if this patch were everywhere, you still
> derive additional security from B.

And it's a layer... Nothing is 100%, but the more layers a perp has to
get through to gain access, the better the odds that they won't succeed.
