[11864] in bugtraq
Re: fixing all buffer overflows --- random magin numbers
daemon@ATHENA.MIT.EDU (Eric Hutchinson)
Mon Sep 13 00:38:47 1999
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.LNX.4.10.9909121831070.11732-100000@deadbeef.capecod.net>
Date: Sun, 12 Sep 1999 18:35:39 -0400
Reply-To: Eric Hutchinson <sanityimp@GEOCITIES.COM>
From: Eric Hutchinson <sanityimp@GEOCITIES.COM>
X-To: "Dr. Joel M. Hoffman" <joel@EXC.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <m11PyZm-000369C@jmh>
On Sat, 11 Sep 1999, Dr. Joel M. Hoffman wrote:
> In particular, I was thinking that part of building a kernel would
> involve assigning a random number to each syscall, and creating a
> syscall.h file with these random numbers. A binary would only run if
> it was compiled with the proper syscall.h, so all binaries would have
> to be recompiled for the new kernel, but then, syscall.h could be
> removed, and the system would be impervious to buffer overflow
ok what happens when you need to compile soemthing else? would you then
have to recompile the WHOLE system? and wouldnt the syscall.h essentially
be in all the bins, which would most likely be readable, and if they core
dumped, the sysbols would be right there.
Im defiently not an expert but this seems like a half baked(or mayber
fully, how many bowls did you smoke) idea. persoanlly i think the best way
to avoid overflows is to programm the apps correctly in the first place,
if you dont check before you insert into a buffer you probly shouldnt be
writing apps with root/administrative privlages. THAT is how to get rid of
all buffer overflows.
