Re: Re : Bounds-checking gcc ..
In message <199702181830.KAA24561@flea.best.net> Matt Dillon writes:
: :>>>>> "Adrian" == Adrian Chadd <adrian@cougar.aceonline.com.au> writes:
I'm not sure what this would buy you, other than a lot of grief.
You'd have to start the setuid program out w/o euid changed from the
current uid. You'd also not gain any security from buffer overflows
(since the buffer overflow code could call sanitize itself). It would
also still not keep you safe from LD_* stuff since that is all done
before main gets called. You'd have to add yet another field to the
proc structure to keep track of this. Also, how would the kernel know
what is to be trusted and not trusted in the env?
It sounds like an awful lot of work for very little real gain.
Warner
Received on Tue Feb 18 10:38:50 1997