Non-Executable Stack Patch
jeremie le-hen
le-hen_j at epita.fr
Thu Jun 5 02:33:38 PDT 2003
On Wed, Jun 04, 2003 at 09:23:57PM -0700, Tim Baur wrote:
> On Wed, 4 Jun 2003, Tony Meman wrote:
>
> > I was wondering if there's any non-executable stack patch for
> > FreeBSD's kernel.
> >
> > [...]
> >
> > I'm not interested in patches for gcc or alikes either.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> http://www.trl.ibm.com/projects/security/ssp/buildfreebsd.html
From http://www.trl.ibm.com/projects/security/ssp/ :
<< What's the stack-smashing protector?
It is a GCC (Gnu Compiler Collection) extension for protecting
applications from stack-smashing attacks. Applications written
in C will be protected by the method that automatically inserts
protection code into an application at compilation time. >>
I also had a quick look at the patch, and it's clearly GCC which is
mainly modified. A very few kernel source files are changed, in
order to cause a panic when a stack overflow occurs within it.
--
Jeremie aka TtZ/TataZ
jeremie.le-hen at epita.fr