| |||||||||||||
Address space randomization in 2.6Address space randomization in 2.6Posted Feb 10, 2005 6:21 UTC (Thu) by aarchiba (guest, #27728)Parent article: Address space randomization in 2.6
Not to sound like djb, but:
A program that allows stack-smashing really has a security hole, and needs to be fixed. Making exploits more cumbersome may be more of an obstacle to white hats trying to prove that a hole is really a hole then to black hats trying to break in. Now if the randomization code caused buggy programs to *crash* then I'd go for it...
(Log in to post comments)
Address space randomization in 2.6 Posted Mar 17, 2005 12:59 UTC (Thu) by farnz (guest, #17727) [Link] Yes, the program needs to be fixed; however, in the gap between black hats discovering a security hole, and white hats fixing it, I'd rather have something which makes exploiting it harder, than hope that the black hats don't come and get me.Randomization causes exploitable buggy code to go from permanently exploitable to crashes on most of the attempts. If (say) Apache on Debian Woody has an exploitable hole, without randomization, the black hat determines the exploit on his local machine (crashing Apache several times into the bargain), then he can exploit all vunerable machines on the Internet without risk of being caught. With randomization, most attempts to work out the address space on the remote machine cause Apache to crash; a good admin notices his servers crashing, and investigates why. Bear in mind that the average exploit involves inducing the program to run code it shouldn't; if the location in memory of that code is random, your chances of actually running valid code have dropped.
|
|||||||||||||