Exec Shield for the Linux Kernel

Posted by michael on Saturday May 3, 2003 @02:47PM from the planning-for-failure dept.

DarkOx writes "There is a new patch from Ingo Molnar which can prevent overflow attacks. The scoop from KernelTrap is as follows: Ingo Molnar has announced a new kernel-based security feature for Linux/x86 called 'Exec Shield'. He describes the patch, which is against the 2.4.20-rc1 kernel, as: 'The exec-shield feature provides protection against stack, buffer or function pointer overflows, and against other types of exploits that rely on overwriting data structures and/or putting code into those structures. The patch also makes it harder to pass in and execute the so-called 'shell-code' of exploits. The patch works transparently, ie. no application recompilation is necessary.'"

2 of 264 comments (clear)

Min score:

Reason:

Sort:

3 words by ufpdom · 2003-05-03 17:05 · Score: 0, Offtopic

They deserve it -100 FLAIMBAIT

--
There's no Freedom like UFP-dom
NOT OFF TOPIC by TeknoDragon · 2003-05-03 17:30 · Score: 0, Offtopic

but well... ingo isn't such a "douchbag"

the latest OpenBSD release has the same feature... called W^X (W xor X)