Re: Unexecutable Stack / Buffer Overflow Exploits...

Alan Cox (alan@lxorguk.ukuu.org.uk)
Thu, 30 Dec 1999 02:46:43 +0000 (GMT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Alex Holden: "Announce: initrd-tftp 0.1"
Previous message: Homme R. Bitter: "Re: Unexecutable stack"
In reply to: Homme R. Bitter: "Re: Unexecutable stack"
Next in thread: Homme R. Bitter: "Re: Unexecutable Stack / Buffer Overflow Exploits..."

> > I disagree. The patch actually makes creating this type of attack much
> > harder, and in some cases impossible.
>
> "Much harder" how? Instead of returning to some doctored code on the stack,
> you just return to the start of system(3) or some such. Sure, different

Tricky. The code maps libraries at 0x00[something] by choice which makes
the construct very tricky.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alex Holden: "Announce: initrd-tftp 0.1"
Previous message: Homme R. Bitter: "Re: Unexecutable stack"
In reply to: Homme R. Bitter: "Re: Unexecutable stack"
Next in thread: Homme R. Bitter: "Re: Unexecutable Stack / Buffer Overflow Exploits..."