Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S263047AbTEBSFC (ORCPT ); Fri, 2 May 2003 14:05:02 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S263048AbTEBSFC (ORCPT ); Fri, 2 May 2003 14:05:02 -0400 Received: from gw.enyo.de ([212.9.189.178]:32005 "EHLO mail.enyo.de") by vger.kernel.org with ESMTP id S263047AbTEBSFB (ORCPT ); Fri, 2 May 2003 14:05:01 -0400 To: linux-kernel@vger.kernel.org Subject: Re: [Announcement] "Exec Shield", new Linux security feature References: From: Florian Weimer Mail-Followup-To: linux-kernel@vger.kernel.org Date: Fri, 02 May 2003 20:17:25 +0200 In-Reply-To: <20030502172011$0947@gated-at.bofh.it> (Davide Libenzi's message of "Fri, 02 May 2003 19:20:11 +0200") Message-ID: <87llxp43ii.fsf@deneb.enyo.de> User-Agent: Gnus/5.1001 (Gnus v5.10.1) Emacs/21.3 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 643 Lines: 14 Davide Libenzi writes: > Ingo, do you want protection against shell code injection ? Have the > kernel to assign random stack addresses to processes and they won't be > able to guess the stack pointer to place the jump. If your software is broken enough to have buffer overflow bugs, it's not entirely unlikely that it leaks the stack address as well (IIRC, BIND 8 did). - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/