
Rep:Re: Rep:Rep:Re: Rep:Re: [f-cpu] Stack handling



At the lsm (lsm.abul.org), we see people who write security patches for
Intel/x86. Those great guys take hours just to write something that
could *simulate* a non-executing stack on ix86 (www.grsecurity.org). So
much work for little hardware problems!

That's not possible not to forget it. Writing a security hole is very easy
in C, even when you try to be clean. This has to do with the security
of a system. Those systems must handle badly written code and applications
without crashing.

nicO

-----Original Message-----
From: jaap stolk <jwstolk@yahoo.com>
To: f-cpu@seul.org
Date: 24/07/02
Subject: Re: Rep:Rep:Re: Rep:Re: [f-cpu] Stack handling

--- Nicolas Boulay <nicolas.boulay@ifrance.com> wrote:
> Another idea for security:
> 
> One of my ideas is to use a separate stack for return
> address to avoid
> buffer overflow. But this new stack are in memory

hi,

I might be missing the point here, but why can't we
just check the input of a program? (like everybody
used to do in BASIC)
Is it so hard to check the size of something before
it's put into a buffer?

As far as I can see, this is more a problem caused by
a programmer / compiler that doesn't check untrusted
input data, and not a CPU "security" problem.

Even when using separate code and data stacks, a
buffer overflow still causes corrupted data. I can
hardly call that "secure", and corrupted data is
very likely to crash the program anyway :-)

jaap.


*************************************************************
To unsubscribe, send an e-mail to majordomo@seul.org with
unsubscribe f-cpu       in the body. http://f-cpu.seul.org/
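
Added example, not part of either message: a C sketch of the two points raised in the quoted reply, namely that an overlong input damages neighbouring data even when no return address is stored nearby, and that a size check before the copy prevents it. The frame layout, names and input are constructed for illustration; the "frame" is modelled as one flat byte array so the overrun stays well-defined C.

```c
#include <stddef.h>
#include <string.h>

/* Constructed model of one stack frame's data area: an 8-byte input
 * buffer followed directly by a 1-byte flag. No return address is
 * stored here, as with a separate return-address stack. */
enum { BUF_OFF = 0, BUF_LEN = 8, FLAG_OFF = 8, FRAME_LEN = 9 };

typedef struct { unsigned char bytes[FRAME_LEN]; } frame_t;

static void frame_init(frame_t *f) { memset(f->bytes, 0, FRAME_LEN); }

/* Unchecked copy, as a careless strcpy-style routine would do it. The
 * clamp to FRAME_LEN only keeps this demo inside its own array. */
static void copy_unchecked(frame_t *f, const char *in, size_t n)
{
    if (n > FRAME_LEN - BUF_OFF) n = FRAME_LEN - BUF_OFF;
    memcpy(f->bytes + BUF_OFF, in, n);
}

/* Checked copy: reject input that does not fit, leave the frame intact. */
static int copy_checked(frame_t *f, const char *in, size_t n)
{
    if (n > BUF_LEN) return -1;
    memcpy(f->bytes + BUF_OFF, in, n);
    return 0;
}

/* Returns the flag value after feeding `in` through either routine;
 * *rc receives the copy routine's status (0 = accepted, -1 = rejected). */
static int flag_after(const char *in, size_t n, int checked, int *rc)
{
    frame_t f;
    frame_init(&f);
    *rc = checked ? copy_checked(&f, in, n) : (copy_unchecked(&f, in, n), 0);
    return f.bytes[FLAG_OFF];
}

int main(void)
{
    int rc;
    const char in[] = "AAAAAAAAA";            /* constructed 9-byte input */
    int bad = flag_after(in, 9, 0, &rc);      /* flag becomes 'A' (0x41)  */
    int ok  = flag_after(in, 9, 1, &rc);      /* rc == -1, flag stays 0   */
    return !(bad == 'A' && ok == 0 && rc == -1);
}
```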

 