fixing all buffer overflows --- random magin numbers

From: Dr. Joel M. Hoffman (joelat_private)
Date: Sat Sep 11 1999 - 18:37:00 PDT

Next message: Erik Parker: "Re: Redhat 6.0 Password Issues"

Previous message: Jim Duncan: "Re: CISCO and nestea."
Next in thread: Eric Hutchinson: "Re: fixing all buffer overflows --- random magin numbers"
Reply: Eric Hutchinson: "Re: fixing all buffer overflows --- random magin numbers"
Reply: Peter van Dijk: "Re: fixing all buffer overflows --- random magin numbers"
Reply: nm: "Re: fixing all buffer overflows --- random magin numbers"
Reply: Daniel W. Dulitz x108: "Re: fixing all buffer overflows --- random magin numbers"
Reply: Crispin Cowan: "Re: fixing all buffer overflows --- random magin numbers"
Reply: Oliver Xymoron: "Re: fixing all buffer overflows --- random magin numbers"
Reply: Crispin Cowan: "Re: fixing all buffer overflows --- random magin numbers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I was thinking --- it wouldn't be too hard to make buffer overflow
attacks impossible.  The basic idea is to do away with binary
compatibility.

In particular, I was thinking that part of building a kernel would
involve assigning a random number to each syscall, and creating a
syscall.h file with these random numbers.  A binary would only run if
it was compiled with the proper syscall.h, so all binaries would have
to be recompiled for the new kernel, but then, syscall.h could be
removed, and the system would be impervious to buffer overflow
attacks.  (One step further would involve random magic numbers in
every function call.)

I would be happy to give up binary compatilibyt for the added security
it would add.

Comments?

-Joel Hoffman
(joelat_private)

Next message: Erik Parker: "Re: Redhat 6.0 Password Issues"
Previous message: Jim Duncan: "Re: CISCO and nestea."
Next in thread: Eric Hutchinson: "Re: fixing all buffer overflows --- random magin numbers"
Reply: Eric Hutchinson: "Re: fixing all buffer overflows --- random magin numbers"
Reply: Peter van Dijk: "Re: fixing all buffer overflows --- random magin numbers"
Reply: nm: "Re: fixing all buffer overflows --- random magin numbers"
Reply: Daniel W. Dulitz x108: "Re: fixing all buffer overflows --- random magin numbers"
Reply: Crispin Cowan: "Re: fixing all buffer overflows --- random magin numbers"
Reply: Oliver Xymoron: "Re: fixing all buffer overflows --- random magin numbers"
Reply: Crispin Cowan: "Re: fixing all buffer overflows --- random magin numbers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:03:00 PDT