[1838] in linux-security and linux-alert archive
[linux-security] Re: Named update for RH 4.2 exploitable?
daemon@ATHENA.MIT.EDU (Crispin Cowan)
Sun Jun 7 19:17:08 1998
From: Crispin Cowan <crispin@cse.ogi.edu>
To: linux-security@redhat.com
Date: Sun, 7 Jun 1998 13:02:14 -0700 (PDT)
In-Reply-To: <3.0.3.32.19980607141708.0072efa0@hostingservices.net> from "Mike Carpenter" at Jun 7, 98 02:17:08 pm
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
> Next logical question: Has anyone worked out rpms for tripwire, COPS, etc?
> and why aren't these necessary security applications a standard part of ALL
> distributions?
I would LOVE for StackGuard to become part of a standard distribution.
Background: StackGuard is a gcc hack that makes programs largely
immune to stack smashing. I presented a paper on it at USENIX Security
in January.
My lab is currently doing a complete re-build of everything setuid root
in the RH 5.0 distribution using StackGuard. Just for yucks, we tried
the latest X exploit, and while a stock RH 5.0 machine was vulnerable,
the same distribution protected with StackGuard was not.
We're pushing all these builds back into rpm's, along with the
StackGuard compiler, and we're going to burn a few CDs for selected
distribution. We'll also make as much of this stuff available via the
web as possible.
For general interest, I'll be submitting a paper on the build
experience to LISA.
I would just LOVE for RedHat to take up using this tool. Even if the
compiler RH ships is not the StackGuard version, IMHO
StackGuard-protected binaries would make a great deal of sense for a
distribution.
Disclaimer: Yes, I'm plugging my project. No, I'm not "selling"
anything. StackGuard is a product of an academic research project.
Since it's a gcc patch, StackGuard is copylefted.
Crispin
-----
Crispin Cowan, Research Assistant Professor of Computer Science, OGI
StackGuard: protect your software against Stack Smashing Attack
http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/
Support Justice: Boycott Windows 98
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null