2003-08-28 22:00:12

by Breno

[permalink] [raw]
Subject: non-exec stack

Hi , Is there an source that allow non-exec stack for linux ? like openbsd
do.


thanks
Breno


2003-08-28 22:16:50

by Chris Wright

[permalink] [raw]
Subject: Re: non-exec stack

* Breno ([email protected]) wrote:
> Hi , Is there an source that allow non-exec stack for linux ? like openbsd
> do.

Have you looked at Openwall Linux or exec-shield?

http://www.openwall.com/linux/
http://people.redhat.com/mingo/exec-shield/

of course, neither is a complete security solution, just a small bit of
protection.

thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net

2003-08-28 23:21:50

by Chris Wright

[permalink] [raw]
Subject: Re: non-exec stack

* Mike Fedyk ([email protected]) wrote:
> On Thu, Aug 28, 2003 at 03:15:01PM -0700, Chris Wright wrote:
> >
> > Have you looked at Openwall Linux or exec-shield?
> >
> > http://www.openwall.com/linux/
> > http://people.redhat.com/mingo/exec-shield/
> >
> > of course, neither is a complete security solution, just a small bit of
> > protection.
>
> What about ingo's exec shield patch that was going around a while ago? Has
> that died?

Heh, err that's the second URL above
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net

2003-08-28 23:12:45

by Mike Fedyk

[permalink] [raw]
Subject: Re: non-exec stack

On Thu, Aug 28, 2003 at 03:15:01PM -0700, Chris Wright wrote:
> * Breno ([email protected]) wrote:
> > Hi , Is there an source that allow non-exec stack for linux ? like openbsd
> > do.
>
> Have you looked at Openwall Linux or exec-shield?
>
> http://www.openwall.com/linux/
> http://people.redhat.com/mingo/exec-shield/
>
> of course, neither is a complete security solution, just a small bit of
> protection.

What about ingo's exec shield patch that was going around a while ago? Has
that died?

2003-08-28 23:52:05

by Mike Fedyk

[permalink] [raw]
Subject: Re: non-exec stack

On Thu, Aug 28, 2003 at 04:21:41PM -0700, Chris Wright wrote:
> * Mike Fedyk ([email protected]) wrote:
> > On Thu, Aug 28, 2003 at 03:15:01PM -0700, Chris Wright wrote:
> > >
> > > Have you looked at Openwall Linux or exec-shield?
> > >
> > > http://www.openwall.com/linux/
> > > http://people.redhat.com/mingo/exec-shield/
> > >
> > > of course, neither is a complete security solution, just a small bit of
> > > protection.
> >
> > What about ingo's exec shield patch that was going around a while ago? Has
> > that died?
>
> Heh, err that's the second URL above
> -chris

Oh duh. Need to wake up, and the day's almost over... :-/