[11853] in bugtraq
fixing all buffer overflows --- random magin numbers
daemon@ATHENA.MIT.EDU (Dr. Joel M. Hoffman)
Sun Sep 12 20:12:45 1999
Message-Id: <m11PyZm-000369C@jmh>
Date: Sat, 11 Sep 1999 21:37:00 EDT
Reply-To: "Dr. Joel M. Hoffman" <joel@EXC.COM>
From: "Dr. Joel M. Hoffman" <joel@EXC.COM>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
I was thinking --- it wouldn't be too hard to make buffer overflow
attacks impossible. The basic idea is to do away with binary
compatibility.
In particular, I was thinking that part of building a kernel would
involve assigning a random number to each syscall, and creating a
syscall.h file with these random numbers. A binary would only run if
it was compiled with the proper syscall.h, so all binaries would have
to be recompiled for the new kernel, but then, syscall.h could be
removed, and the system would be impervious to buffer overflow
attacks. (One step further would involve random magic numbers in
every function call.)
I would be happy to give up binary compatilibyt for the added security
it would add.
Comments?
-Joel Hoffman
(joel@exc.com)
