On Sat, 11 Sep 1999, Dr. Joel M. Hoffman wrote: > In particular, I was thinking that part of building a kernel would > involve assigning a random number to each syscall, and creating a > syscall.h file with these random numbers. A binary would only run if > it was compiled with the proper syscall.h, so all binaries would have > to be recompiled for the new kernel, but then, syscall.h could be > removed, and the system would be impervious to buffer overflow ok what happens when you need to compile soemthing else? would you then have to recompile the WHOLE system? and wouldnt the syscall.h essentially be in all the bins, which would most likely be readable, and if they core dumped, the sysbols would be right there. Im defiently not an expert but this seems like a half baked(or mayber fully, how many bowls did you smoke) idea. persoanlly i think the best way to avoid overflows is to programm the apps correctly in the first place, if you dont check before you insert into a buffer you probly shouldnt be writing apps with root/administrative privlages. THAT is how to get rid of all buffer overflows.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:03:09 PDT