Re: Unexecutable stack

Jesse Pollard (pollard@tomcat.admin.navo.hpc.mil)
Wed, 29 Dec 1999 12:44:02 -0600 (CST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Gautam H Thaker: "kernel 2.3.31 seems to busy wait for sleep < 2 msec, is this not a bad"
Previous message: Arjan van de Ven: "Re: Unexecutable Stack / Buffer Overflow Exploits..."
In reply to: Keith Owens: "2.3.35 cramfs is not compiled as a module"

Horst von Brand <vonbrand@pincoya.inf.utfsm.cl>:
>It has _not_ been made harmless, just harder to exploit. And the "fix"
>screws up legitimate uses of executing code on the stack. Nothing changes,
>as soon as the "fix" becomes widespread. And then everybody pays the cost
>of the "fix", and nobody gets any benefit. Loose-loose as I see it.

I disagree. I've worked with executables on stacks before. They are hard
to debug, hard to trace, cannot be validated, and can provide a home
for memory resident viruses.

I don't want any of the problems caused by executable stacks.
-------------------------------------------------------------------------
Jesse I Pollard, II
Email: pollard@navo.hpc.mil

Any opinions expressed are solely my own.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Gautam H Thaker: "kernel 2.3.31 seems to busy wait for sleep < 2 msec, is this not a bad"
Previous message: Arjan van de Ven: "Re: Unexecutable Stack / Buffer Overflow Exploits..."
In reply to: Keith Owens: "2.3.35 cramfs is not compiled as a module"