Re: Unexecutable Stack / Buffer Overflow Exploits...

Frank v Waveren (fvw@var.cx)
Thu, 30 Dec 1999 23:46:06 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Steve Dodd: "Re: spin_unlock optimization"
Previous message: Jeff Dike: "Re: [PATCH] siginfo, kernel 2.3.35"

On Thu, Dec 30, 1999 at 02:11:00PM -0800, Steve VanDevender wrote:
> Richard Zidlicky writes:
> > On Wed, Dec 29, 1999 at 11:27:33AM -0800, Dan Hollis wrote:
> > > And I dont see any reason why this cant be a kernel compile option. If you
> > > dont like it, dont enable it. I suspect the vast majority of users will
> > > enable it though. I know I would.
> >
> > Why not even make it a runtime option, programs get nonexec stack by default
> > and could do some mmap or other syscall if they realy needed the stack or
> > some portion of it executable.
> > Are there any technical difficulties I am overlooking?
>
> Yeah. Exploit code that now includes exec("/bin/sh") will
> simply precede it with make_stack_executable() if it's
> runtime-selectable.

No, they won't, because if the stack isn't executable, they can't run the
abitrary code.

Frank v Waveren fvw@var.cx ICQ# 10074100

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Steve Dodd: "Re: spin_unlock optimization"
Previous message: Jeff Dike: "Re: [PATCH] siginfo, kernel 2.3.35"