On Thu, 20 Jan 2005 20:04:54 +0530, Syed Ahemed said:

> Just a thought, any specific reasons why isn't there a LSM module
> that takes care of length checking of strings that cause buffer
> overflow (hooks for strcpy or memcpy)? Even 2.6 doesn't address
> this.

The "Linux Way" has *always* been to require that kernel code be correct. There really *ISN'T* anything that 'strcpy' can do to "protect" kernel code from doing something bad - there *simply* *is* *not* *enough* *information* *available*.

strcpy() is handed 2 pointers. Where does it get the *available length* from? (Hint - you can't even assume the use of a "magic cookie" kmalloc() that leaves the number of allocated bytes in an 'int' located at &((char *)(ptr - sizeof(int)) or similar magic, because the pointer could be to a 'static' variable. You simply can't do it in C, at least not without the cooperation of the compiler and an ABI change for the architecture.

> Maybe I am missing a fundamental point, but considering LSM implements
> OWL patch for non-executable stack that actually is a "consequence" of
> a buffer overflow attack, I felt it makes sense to implement.

I'll merely point out that LSM does *NOT* implement the OWL patch for non-exec stack. That's done (at least in mainstream 2.6) by a different patch, that came (somewhat indirectly) from the RedHat 'exec-shield' patch.
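An added example, not part of the original message: a userspace C sketch of the reply's point that a size "cookie" stored in front of an allocation gives a wrong answer for a pointer to a static buffer, next to a copy routine that is told the destination size by its caller. The names `cookie_alloc`, `cookie_free`, `cookie_size`, `static_buf` and `bounded_copy` and the sample data are hypothetical and constructed for illustration; none of this is kernel code.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical cookie allocator: usable size is stored just before the data. */
char *cookie_alloc(size_t n)
{
    char *raw = malloc(sizeof n + n);
    if (raw)
        memcpy(raw, &n, sizeof n);
    return raw ? raw + sizeof n : NULL;
}
void cookie_free(char *p) { if (p) free(p - sizeof(size_t)); }

/* What a "checking" strcpy would do: trust the bytes in front of the pointer. */
size_t cookie_size(const char *p)
{
    size_t n;
    memcpy(&n, p - sizeof n, sizeof n);
    return n;
}

/* Constructed sample: an 8-byte static buffer preceded by unrelated data. */
struct record { size_t unrelated; char buf[8]; };
static struct record static_obj = { 4096, "" };
char *static_buf(void) { return (char *)&static_obj + offsetof(struct record, buf); }

/* Caller supplies the size; always NUL-terminates; -1 signals truncation. */
long bounded_copy(char *dst, size_t dst_size, const char *src)
{
    size_t len = strlen(src);
    if (dst_size == 0)
        return -1;
    if (len >= dst_size) {
        memcpy(dst, src, dst_size - 1);
        dst[dst_size - 1] = '\0';
        return -1;
    }
    memcpy(dst, src, len + 1);
    return (long)len;
}

int main(void)
{
    char d[8];
    printf("static \"cookie\" %zu vs real %zu\n", cookie_size(static_buf()), sizeof static_obj.buf);
    return bounded_copy(d, sizeof d, "far too long") == -1 ? 0 : 1;
}
```

For the static buffer the "cookie" is simply whatever data precedes it, so a copy routine trusting it would accept far more than 8 bytes.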