> But what happens if the buffer that you are
> copying into is a stack variable from a
> *previous* frame?
No problem: libsafe catches that too. Take a
look at their white paper describing how it works.
Even better, download the software and give it
a try.
Malcom,
Read the white paper available at
http://www.bell-labs.com/org/11356/libsafe.html.
The white paper describes how a simple buffer overflow can be used to break into machines.
> If my understanding is mistaken, and BRW
> is actually in the distributed libsafe,
> please correct me.
No. The USENIX paper talks about libsafe and libverify. The *old* name for libverify was
libbrw (brw = binary rewrite), but that changed
now.
IMHO, I would say to use libsafe everywhere
performance matters, where you don't have access
to source code, and where stackguard does not
exist (eg, RH 6.0 and later versions where stackguard changes have not been ported to the egcs
compiler).
IMHO: Libsafe augments non-executable stacks. Take a look at the libsafe/exploits directory, there is a sample program that escapes non-executable stacks to execute /bin/sh, but libsafe catches the overflow.
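The check the post is describing can be illustrated with a small simulation. The following is an added example written for this page, not libsafe's own code: it models the stack as a byte array that grows downward, records where each frame's saved frame pointer sits (standing in for the %ebp chain that libsafe actually walks), and bounds a strcpy() so it can never reach the saved frame pointer or return address of the frame that owns the destination buffer. Because the walk starts at the innermost frame and moves outward until it finds a frame boundary above the destination, a buffer that belongs to a *previous* frame is bounded just like one in the current frame. The frame offsets, the "RET!" sentinel and the helper names are constructed for the example.

```c
#include <stdio.h>
#include <string.h>

/* Simulated downward-growing stack. Each frame is laid out as
 * [locals ... | saved fp | return address]; frame_base[i] is the offset of
 * frame i's saved-fp slot, with the innermost (current) frame listed last.
 * Offsets and sentinel are constructed for this example. */
#define STACK_SIZE 256
#define MAX_FRAMES 8

typedef struct {
    unsigned char mem[STACK_SIZE];
    size_t frame_base[MAX_FRAMES];
    int nframes;
} sim_stack;

enum { OUTER_BUF = 168, OUTER_FP = 200, OUTER_RET = 204, INNER_BUF = 104, INNER_FP = 120 };

static sim_stack build_stack(void)
{
    sim_stack s;
    memset(s.mem, 0, sizeof s.mem);
    s.nframes = 0;
    s.frame_base[s.nframes++] = OUTER_FP;  /* caller: 32-byte buffer at 168..199 */
    s.frame_base[s.nframes++] = INNER_FP;  /* callee: 16-byte buffer at 104..119 */
    memcpy(s.mem + OUTER_RET, "RET!", 4);  /* sentinel standing in for the return address */
    return s;
}

/* libsafe-style bound: walk frames innermost-first (like following the saved
 * %ebp chain) until one whose saved-fp slot lies above dst; the copy may use
 * at most the bytes between dst and that slot. Returns 0 if dst is in no frame. */
size_t frame_limit(const sim_stack *s, size_t dst)
{
    for (int i = s->nframes - 1; i >= 0; i--)
        if (s->frame_base[i] > dst)
            return s->frame_base[i] - dst;
    return 0;
}

/* Bounded strcpy: refuse the copy (libsafe would log and abort) when the
 * string plus its NUL would cross the frame boundary. */
int checked_strcpy(sim_stack *s, size_t dst, const char *src)
{
    size_t need = strlen(src) + 1;
    size_t limit = frame_limit(s, dst);
    if (limit == 0 || need > limit)
        return -1;
    memcpy(s->mem + dst, src, need);
    return 0;
}

/* Copy n 'A's into the OUTER frame's buffer while "running" in the inner frame.
 * checked != 0 uses the bounded copy, otherwise a plain unchecked copy.
 * Returns 1 if the copy happened and the sentinel survived, 0 if the copy was
 * refused, -1 if the return-address sentinel was overwritten. */
int copy_run_into_previous_frame(size_t n, int checked)
{
    char src[STACK_SIZE];
    if (n >= STACK_SIZE) n = STACK_SIZE - 1;
    memset(src, 'A', n);
    src[n] = '\0';

    sim_stack s = build_stack();
    int rc;
    if (checked) {
        rc = checked_strcpy(&s, OUTER_BUF, src);
    } else {
        memcpy(s.mem + OUTER_BUF, src, n + 1);  /* what an unbounded strcpy() does */
        rc = 0;
    }
    if (memcmp(s.mem + OUTER_RET, "RET!", 4) != 0)
        return -1;
    return rc == 0 ? 1 : 0;
}

size_t outer_buffer_limit(void) { sim_stack s = build_stack(); return frame_limit(&s, OUTER_BUF); }
size_t inner_buffer_limit(void) { sim_stack s = build_stack(); return frame_limit(&s, INNER_BUF); }

int main(void)
{
    printf("outer buffer limit: %zu bytes, inner: %zu bytes\n", outer_buffer_limit(), inner_buffer_limit());
    printf("31 bytes, checked:   %d\n", copy_run_into_previous_frame(31, 1));
    printf("32 bytes, checked:   %d (refused)\n", copy_run_into_previous_frame(32, 1));
    printf("40 bytes, unchecked: %d (sentinel clobbered)\n", copy_run_into_previous_frame(40, 0));
    return 0;
}
```

The unchecked path shows why the post says a non-executable stack alone is not enough: the return-address sentinel is still overwritten, and only the bounded copy stops the write at the frame boundary.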