Slashdot Mirror

← Back to Stories (view on slashdot.org)

Stack-Smashing Protection Added To OpenBSD gcc

Posted by timothy on from the smooshing-still-in-the-wings dept.

DieNadel writes "As posted here, support to ProPolice was added to OpenBSD. You can check the announcement. Note that THERE ARE dependencies that should be taken care of before building a new kernel, even on -stable."

5 of 44 comments (clear)

  1. yes by honold · · Score: 4, Informative

    perhaps you should look at the project web site?

  2. Not -stable, only -current by stab · · Score: 5, Informative

    Note that THERE ARE dependencies that should be taken care of before
    building a new kernel, even on -stable.

    No, no, no - propolice has only been added into the -current tree, so if you are tracking -stable, continue as before. Only critical fixes go into -stable, certainly nothing as huge as a big GCC patch.

  3. well isn't this just gosh darn great! by F2F · · Score: 4, Insightful

    damn it, why not make the stack grow downwards, like Plan 9 has done? ain't no stack smashing there! hell, no superuser either! (plus private namespaces take care of everything else)

    Spaf: You can't secure a machine with a privileged user.

    1. Re:well isn't this just gosh darn great! by doug_wyatt · · Score: 4, Insightful
      Spaf: You can't secure a machine with a privileged user.
      evilviper : That's nice to hear, but I completely disagree. The only problems it has ever caused is the fact that people are lazy and run everything as Root. Run every service as a normal user, remove SUID everywhere possible, and there is no way anyone can break-in, without a very bad kernel bug, or some sort of system misconfiguration.
      That's nice to hear, as well, but there have been numerous instances where the privileged user model has caused security problems. The privileged user model forces you to have more authority than you want when you need to do any number of things. That, combined with resource naming indirection (e.g. filenames to inodes) and race conditions (e.g. if (has_certian_attributes(filename)) { delete(filename); } where someone can change what filename refers to beween the if and the then) has a long a ugly history of allowing non-trusted code to trick trusted (i.e. privileged) code to do Bad Things(tm). And it's not because the privileged code should have been run as a normal user, since there are many things that only root can do.

      Just look at how complicated sshd has had to become to try to prevent these kinds of problems. It's unacceptable that every program which needs to do one minor root-only task needs to be this complicated.

      Systems which use explicit non-indirected resource-specific privilige tokens (so you can bestow on an application the rights to do exactly what it needs to be able to do, and nothing more) are much less susceptible to such bugs/attacks.

  4. OpenBSD has lots of new coolness by RazzleDazzle · · Score: 5, Interesting

    They recently got round robin routing included in pf. They also got altq in pf also. They already merged nat.conf into pf.conf. They did a massive suid audit and a major license audit. Now propolice. I though OpenBSD was cool before a lot of this stuff came about. Some things like no-exec code are not available on all architectures though. There is also a calling for more gigabit equipment for furthur and continued testing, read the want pages and I believe Nate for more precise info, and make sure you contact him to make sure you don't get something already being donated.

    --
    ZERO ZERO ONE ZERO ONE ZERO ONE ONE! Just brushing up for my next big invention: Ethernet over Voice (EoV)