On Thu, 2005-09-22 at 16:03 -0400, [email protected] wrote: > On Thu, 22 Sep 2005 19:44:33 -0000, [email protected] said: > > > I'm doing a new feature for linux kernel 2.6 to protect against all kinds of buffer > > overflow. It works with new sys_control() system call controling if a process can or can't > > call a system call ie. sys_execve(); > > This has been done before. ;) > > Also, note *VERY* carefully that this does *NOT* protect against buffer overflow > the way ExecShield and PAX and similar do - this merely tries to mitigate the > damage. > > Note that you probably don't *DARE* remove open()/read()/write()/close() from > the "permitted syscall" list - and an attacker can have plenty of fun just with > those 4 syscalls. > > (That's also why SELinux was designed to give better granularity to syscalls - it > can restrict a program to "write only to files it *should* be able to write"). An interesting thing that I don't think has been done before is to create a map linking stack call chains to syscalls. If the call stack doesn't match then it isn't a valid call. Although that might already be part of execution fingerprinting, now that I think about it... -- Zan Lynx <[email protected]>
Attachment:
signature.asc
Description: This is a digitally signed message part
- Follow-Ups:
- Re: security patch
- From: Chris Wright <[email protected]>
- Re: security patch
- From: [email protected]
- Re: security patch
- References:
- Prev by Date: Re: 2.6.14-rc2-mm1
- Next by Date: oops when playing using pluto2 driver
- Previous by thread: Re: security patch
- Next by thread: Re: security patch
- Index(es):
