On Tue, 14 Sep 1999, Crispin Cowan wrote: > (post sent as HTML and ASCII because there's a table that's easier to read > in HTML. Aleph, go ahead and nuke the HTML if you prefer) Urg. Pine happily munged it on reply: > The result looks like this: > > Interface Implementation > > Restriction * Firewalls * Bounds checking > * TCP Wrappers * StackGuard > * Randomly renaming system files > * Randomly renumbering system > Permutation calls (the hack proposed here * Randomly munging > by Maniscalco) data layout > * Fred Cohen's Deception Toolkit You missed a couple interesting ones. One is randomly offsetting the stack. Another is having separate stacks for the call chain and local variables. Obviously wastes a register (or an indirection), but can probably be proved secure against stack smashing. -- "Love the dolphins," she advised him. "Write by W.A.S.T.E.."
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:04:28 PDT