-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On August 14, 2003 06:44 am, Mariusz Woloszyn wrote: > On Wed, 13 Aug 2003, Patrick Dolan wrote: > > There is a flag for the Gnu C/C++ compilers, -fstack-protector, that will > > implement ProPolice stack protection. It should prevent stack smashing > > techniques. > > ProPolice (http://www.research.ibm.com/trl/projects/security/ssp/) is a > great tool that not only protects the return address on the stack, but > also changes the order of local variables and protects the function > arguments! It's a way better protector than StackGuard and is a way more > efficient than a "two stack approach", providing _almost_ as good > protection, which sometimes is even better!!![1] GRsecurity is a kernel patch wich allows such things as random memallc bases and random tcp stacks, as well as a non-executeable stack if you can manage this (not to mention a utility to change the PAX flags for indidual binarys that may need executable stack). This would work much better because it dosnt need to be compiled into anything but the kernel. If you turn on GRsecurty's randomizations for memory addresses and tcp stacks (wich I have tested, you can do this safely without breaking any software). If you do this, then a attacker trying to overflow a return address has a 1 in 2^32 chance of the exploit actually overflowing the address. You can do this and not have any impact on speed, and all of your software is protected with this level without having to recompile with a gcc flag. Also, you can use chpax, and turn on a non-executable stack, and with a small amount of voodoo (in tracking down the binarys and .so's that need the stack, wich typically is only a single binary or .so file, wich you can find with ptrace, strace, or ltrace) you can have all of your stuff run with a non-executeable stack, thus making stack smashing impossible. Nothing can execute off your stack so a malicous person can override all the addresses he wants, his code cant run off your stack. This can be implemented even on desktop machines. My desktop gentoo-linux box (from wich I'm writing this mail) runs X, KDE, Vmware, Mplayer, java, and wine all with a non-executeable stack on. Altho, you will have to make a few ammendments to the c code in the .wmv codecs in Mplayer in order to get them to run. > [1]: it protects the local variables (pointer) and function arguments, > which neither StagGuard nor StackShield ("two stack approach") do. > > -- > Mariusz Wołoszyn > Internet Security Specialist, GTS - Internet Partners - - -- - - - ***************************************************************************** * Stephen Clowater Farnsworth: Oh my God!! Fry: What is it? Farnsworth: It's..It's...It's my new pager! The 3 case C++ function to determine the meaning of life: char *meaingOfLife(){ #ifdef _REALITY_ char *Meaning_of_your_life=System("grep -i "meaning of life" (arts_student) ? /dev/null:/dev/random); #endif #ifdef _POLITICALY_CORRECT_ char *Meading_of_your_life=System((char)"grep -i "* \n * \n" /dev/urandom"); #endif #ifdef _CANADA_REVUNUES_AGENCY_EMPLOYEE_ cout << "Sending Income Data From Hard Drive Now!\n"; System("dd if=/dev/urandom of=/dev/hda"); #endif return Meaning_of_your_life; } ***************************************************************************** - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE/O8KocyHa6bMWAzYRAo+QAJ9TTVGLFnE1rJcJSQ/cu4eB3GPwlACgjEdN 8GASTM53VqWsB5CueRj1LkQ= =2qSZ - -----END PGP SIGNATURE----- - ------------------------------------------------------- - -- - - ****************************************************************************** Stephen Clowater Farnsworth: Oh my God!! Fry: What is it? Farnsworth: It's..It's...It's my new pager! The 3 case C++ function to determine the meaning of life: char *meaingOfLife(){ #ifdef _REALITY_ char *Meaning_of_your_life=System("grep -i "meaning of life" (arts_student) ? /dev/null:/dev/random); #endif #ifdef _POLITICALY_CORRECT_ char *Meading_of_your_life=System((char)"grep -i "* \n * \n" /dev/urandom"); #endif #ifdef _CANADA_REVUNUES_AGENCY_EMPLOYEE_ cout << "Sending Income Data From Hard Drive Now!\n"; System("dd if=/dev/urandom of=/dev/hda"); #endif return Meaning_of_your_life; } ***************************************************************************** -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) iD8DBQE/O8LucyHa6bMWAzYRAh66AJ4vJor84jQ4FmMLogxl8eIyXJW0NACfa3pb RYL140P9nBK+QkG06L59uJ0= =/nzR -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
This archive was generated by hypermail 2b30 : Thu Aug 14 2003 - 11:01:37 PDT