Re: [RFC] prevention of syscalls from writable segments, breakingbug exploits

[Gerhard Mack]

On Wed, 3 Jan 2001, Dan Hollis wrote:

> On Thu, 4 Jan 2001, Dan Aloni wrote:
> > Anyway, while it is agreed that you can't completely eliminate exploits,
> > it is recommended that, it should be at least harder to create them, maybe
> > it can even minimize the will to write them.
> 
> The argument against these sort of protection mechanisms seems to be "well
> its not perfect, so we shouldnt have it at all".
> 
> Lets use that argument against uid/gid then. Since it's impossible to
> protect against exploits, let's dispose of uid/gid entirely and run
> everything as root ;-)
> 
> "stack guarding is a false sense of security". Well, so is ipchains, so
> lets discard that as well...?
> 
> Really, these arguments cut both ways. If you are going to argue against
> something because it's not perfect, you should be aware that you're
> arguing against other kernel protection mechanisms also.
> 

Your comparing actual security with stack guarding? Stack guarding mearly
makes the attack diffrent.. rootkits are already available to defeat it.

        Gerhard



--
Gerhard Mack

[EMAIL PROTECTED]

<>< As a computer I find your faith in technology amusing.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
Please read the FAQ at http://www.tux.org/lkml/