Slashdot Mirror


Exec Shield for the Linux Kernel

DarkOx writes "There is a new patch from Ingo Molnar which can prevent overflow attacks. The scoop from KernelTrap is as follows: Ingo Molnar has announced a new kernel-based security feature for Linux/x86 called 'Exec Shield'. He describes the patch, which is against the 2.4.20-rc1 kernel, as: 'The exec-shield feature provides protection against stack, buffer or function pointer overflows, and against other types of exploits that rely on overwriting data structures and/or putting code into those structures. The patch also makes it harder to pass in and execute the so-called 'shell-code' of exploits. The patch works transparently, ie. no application recompilation is necessary.'"

8 of 264 comments (clear)

  1. Linux is for fags by Anonymous Coward · · Score: -1, Troll

    eat shit, homos

    first post

    bush rules

    1. Re:Linux is for fags by Anonymous Coward · · Score: -1, Troll

      I think you mean to say "eat shit, hemos"

  2. Great! by Anonymous Coward · · Score: 0, Troll

    Now we can get java slowness in all applications in one easy step! In addition, we can now write sloppy code and just tell people to install this patch first! Finally, open source programming has gotten easy.

  3. MOD PAEENT UP!!! by Anonymous Coward · · Score: -1, Troll

    Any mod that doesn't get the joke and thinks its troll should be shot.

  4. Re:*BSD is dying by Anonymous Coward · · Score: -1, Troll

    I honestly, truly, cannot believe that this hoary old troll still reels 'em in. It's heartwarming, really.

  5. Just remember this one thing: by Anonymous Coward · · Score: -1, Troll

    If I find out where you live, you're as good as dead.

  6. Sounds like fun by Anonymous Coward · · Score: -1, Troll

    Let's do it !
    -- Nino Rota

  7. great stuff.. by msh104 · · Score: -1, Troll

    The exec-shield feature provides protection against stack, buffer or function pointer overflows, and against other types of exploits that rely on overwriting data structures and/or putting code into those structures. great ! not that i was experiencing any of dose problems but it is nice to hear that they are solved ever before i get them. go go linux !!!