Slashdot Mirror


Stack-Smashing Protection Added To OpenBSD gcc

DieNadel writes "As posted here, support for ProPolice was added to OpenBSD. You can check the announcement. Note that THERE ARE dependencies that should be taken care of before building a new kernel, even on -stable."

3 of 44 comments

  1. well isn't this just gosh darn great! by F2F · · Score: 4, Insightful

    damn it, why not make the stack grow downwards, like Plan 9 has done? ain't no stack smashing there! hell, no superuser either! (plus private namespaces take care of everything else)

    Spaf: You can't secure a machine with a privileged user.

    1. Re:well isn't this just gosh darn great! by doug_wyatt · · Score: 4, Insightful
      Spaf: You can't secure a machine with a privileged user.
      evilviper: That's nice to hear, but I completely disagree. The only problem it has ever caused is the fact that people are lazy and run everything as Root. Run every service as a normal user, remove SUID everywhere possible, and there is no way anyone can break in, without a very bad kernel bug, or some sort of system misconfiguration.
      That's nice to hear, as well, but there have been numerous instances where the privileged user model has caused security problems. The privileged user model forces you to have more authority than you want when you need to do any number of things. That, combined with resource naming indirection (e.g. filenames to inodes) and race conditions (e.g. if (has_certain_attributes(filename)) { delete(filename); } where someone can change what filename refers to between the if and the then) has a long and ugly history of allowing non-trusted code to trick trusted (i.e. privileged) code to do Bad Things(tm). And it's not because the privileged code should have been run as a normal user, since there are many things that only root can do.

      Just look at how complicated sshd has had to become to try to prevent these kinds of problems. It's unacceptable that every program which needs to do one minor root-only task needs to be this complicated.

      Systems which use explicit non-indirected resource-specific privilege tokens (so you can bestow on an application the rights to do exactly what it needs to be able to do, and nothing more) are much less susceptible to such bugs/attacks.
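The check-then-delete race from the comment above, as an added example that is not part of the thread: the same delete is done once by name and once with the check bound to an open descriptor. The file names, the "empty file" attribute and the `rebind` hook (a stand-in for another process acting between check and delete) are constructed for the demonstration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
static int demo_dir;  /* fd of the scratch directory (constructed for the demo) */
/* Constructed stand-in for a second process: rebinds "tmp" to keep's inode. */
static void rebind(void) { renameat(demo_dir, "keep", demo_dir, "tmp"); }
/* Hypothetical attribute check: an empty regular file. */
static int is_empty_file(const struct stat *st) { return S_ISREG(st->st_mode) && st->st_size == 0; }
/* The pattern from the comment: check by name, then act by name. */
static int delete_by_name(int dfd, const char *name, void (*window)(void)) {
    struct stat st;
    if (fstatat(dfd, name, &st, AT_SYMLINK_NOFOLLOW) != 0 || !is_empty_file(&st)) return 0;
    if (window) window();  /* the name-to-inode binding can change here */
    return unlinkat(dfd, name, 0) == 0;
}
/* Check through a descriptor, then confirm the name still means that inode.
 * O_NOFOLLOW/O_NONBLOCK keep the open from following a symlink or blocking on a FIFO. */
static int delete_checked(int dfd, const char *name, void (*window)(void)) {
    struct stat held, now;
    int ok = 0, fd = openat(dfd, name, O_RDONLY | O_NOFOLLOW | O_NONBLOCK);
    if (fd < 0) return 0;
    if (fstat(fd, &held) == 0 && is_empty_file(&held)) {
        if (window) window();
        /* The open fd pins the inode, so its number cannot be reused meanwhile. */
        ok = fstatat(dfd, name, &now, AT_SYMLINK_NOFOLLOW) == 0 &&
             now.st_dev == held.st_dev && now.st_ino == held.st_ino &&
             unlinkat(dfd, name, 0) == 0;  /* a short window remains before this call */
    }
    close(fd); return ok;
}
/* Returns 1 if the non-empty file's data survived the delete attempt, 0 if not. */
int data_survives(int (*del)(int, const char *, void (*)(void))) {
    char dir[] = "/tmp/toctouXXXXXX";
    struct stat st;
    if (!mkdtemp(dir) || (demo_dir = open(dir, O_RDONLY | O_DIRECTORY)) < 0) return -1;
    close(openat(demo_dir, "tmp", O_CREAT | O_WRONLY, 0600));
    int k = openat(demo_dir, "keep", O_CREAT | O_WRONLY, 0600);
    if (k < 0 || write(k, "data", 4) != 4 || close(k) != 0) return -1;
    del(demo_dir, "tmp", rebind);
    int alive = fstatat(demo_dir, "tmp", &st, 0) == 0 && st.st_size == 4;
    unlinkat(demo_dir, "tmp", 0); close(demo_dir); rmdir(dir);
    return alive;
}
int main(void) {
    printf("by name: %d  checked: %d\n", data_survives(delete_by_name), data_survives(delete_checked));
    return 0;
}
```

Comparing inode numbers only narrows the race, since POSIX has no unlink-by-descriptor; the check is sound only when the directory itself is not writable by untrusted users.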

  2. Re:Tsarkon Reports: More from this Shit Project? by Geekboy(Wizard) · · Score: 2, Insightful

    StackGuard is only currently implemented on x86

    Hmm...then how come I have it on my OpenBSD/macppc system?

    As for GCC3, well, check http://www.trl.ibm.com/projects/security/ssp/statuschart.html