[4270] in bugtraq
Re: 2nd Linux kernel patch to remove stack exec
daemon@ATHENA.MIT.EDU (Systemkennung Linux)
Sun Apr 13 19:56:31 1997
Date: Mon, 14 Apr 1997 00:26:59 +0200
Reply-To: Systemkennung Linux <linux@MAILHOST.UNI-KOBLENZ.DE>
From: Systemkennung Linux <linux@MAILHOST.UNI-KOBLENZ.DE>
X-To: solar@sun1.ideal.ru
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <199704132043.RAA06710@sun1.ideal.ru> from "solar@sun1.ideal.ru" at Apr 13, 97 05:43:04 pm

Hi,

> It's not really a problem -- everything should run just fine with my patch.
> However, the patch will not prevent buffer overflow exploits for those
> programs that use trampolines.
>
> This means that as long as libc5 is being used, most (if not all) privileged
> processes will have stack execution permission disabled. :)
>
> As for glibc, maybe it is time to change it not to use trampolines?

A patch which does this should now be in the glibc 2.1 development source.

> > Admitted trampolines are a stupid idea because their performance sucks
> > on many architectures.
>
> AFAIK, they will cause some overhead for maintaining L1 code and data cache
> coherency, since the stack frame is usually in the data cache -- resulting in
> bad performance.

We're talking about some hundred cycles or more ...

Ralf