Re: [uml-user] SKAS and the location of userland stack

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

On Mon, Mar 24, 2003 at 04:45:28PM -0500, Jeff Dike wrote:
> However, I believe there are generic kernel patches which will randomize the
> location of user stacks.  This is a far better thing to do than to rely on
> the tt UML behaviour.  It's far more robust, since to run a stack smash against
> a UML only requires fiddling an address or two in the exploit.

I'll have to see if I can find that patch, which sounds like it's just
what's wanted.  As for the weakness of the tt mode's relocation, I
wasn't expecting more than a roadbump - hopefully if the exploit didn't
work as expected he'd move along to the next candidate, leaving me more
time to get the fix (or workaround, or take the service down if that's
the best available option) installed.  Security is a process, not a
product, but an onion is still useful.  :-)

-- 
He that questioneth much shall learn much, and content much; but
especially if he apply his questions to the skill of the persons whom
he asketh; for he shall give them the occasion to please themselves
in speaking, and himself shall continually gather knowledge.  But let
his questions not be troublesome, for that is fit for a poser; and
let him be sure to leave other men their turns to speak.  - Francis Bacon