
What's New in Fedora Core 5 Test2


Posted Jan 19, 2006 10:34 UTC (Thu) by nix (subscriber, #2304)
In reply to: What's New in Fedora Core 5 Test2 by nix
Parent article: What's New in Fedora Core 5 Test2

The old patch was called, variously, `SSP' and `ProPolice' at different times (and by different people? Its history is murky.)

`Assign a random and verifiable value to the stack' is a bad description. It populates a random `stack canary' from /dev/urandom at process initialization, then puts it at the top of the stack frame of all functions containing a char array above a certain size (or, with -fstack-protector-all, any function containing a char array); it also reorders the stack frame to ensure that parameters also appear on one side of the canary, while the function return address is on the other side of it. The effect is to ensure that buffer overruns that smash the return address will always smash the canary too, making `return-into-libc' attacks and many other classes of buffer overrun much harder.

(The only downside is that this drains /dev/urandom's entropy pool. Gentoo at least has a patch that creates a /dev/frandom device that is seeded just once from the entropy pool and then becomes a normal PRNG, and a patch to SSP that uses it, but the frandom patch was rejected from the kernel tree on the basis that some daemon could equally well do the job. It could: but that would stop you from using it in SSP...)
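As an added illustration (not part of the comment above, and not the actual GCC/SSP implementation), the following C model shows why the frame layout described in the comment works: the char array is placed below the canary and the saved return address above it, so any overrun running upward out of the buffer must corrupt the canary before it can reach the return address. The struct layout, the fixed canary value and the placeholder return address are constructed for the demo.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BUF_LEN 16

/* Model of the frame SSP produces: protected char array lowest, then the
 * canary, then the saved return address. Offsets are illustrative only. */
struct ssp_frame {
    char     buf[BUF_LEN];   /* the char array being protected */
    uint64_t canary;         /* copy of the per-process random value */
    uint64_t ret_addr;       /* saved return address */
};

/* Stand-in for the canary read from /dev/urandom at process start;
 * a fixed constructed value keeps the demo deterministic. */
static const uint64_t process_canary = 0x5a3c9e17f2b4d680ULL;
static const uint64_t saved_ret      = 0x400123;  /* placeholder address */

/* A copy into the buffer with no bounds check, as an unsafe string copy
 * would do. Clamped to the frame so the model stays well-defined C. */
static void unchecked_copy(struct ssp_frame *f, const char *src, size_t len) {
    if (len > sizeof *f) len = sizeof *f;
    memcpy((unsigned char *)f, src, len);
}

/* The epilogue check SSP inserts before returning: 1 = intact, 0 = smashed. */
static int canary_intact(const struct ssp_frame *f) {
    return f->canary == process_canary;
}

/* Simulate writing `len` bytes of 'A' into the buffer. Returns:
 *   0  canary and return address both intact (normal return)
 *   1  canary smashed (SSP would abort instead of returning)
 *  -1  return address changed but canary intact (must never happen) */
int simulate_call(size_t len) {
    struct ssp_frame f;
    char input[sizeof f];
    memset(input, 'A', sizeof input);
    f.canary = process_canary;
    f.ret_addr = saved_ret;
    unchecked_copy(&f, input, len);
    if (!canary_intact(&f)) return 1;
    return f.ret_addr == saved_ret ? 0 : -1;
}

int main(void) {
    for (size_t n = 0; n <= sizeof(struct ssp_frame); n++)
        printf("write of %2zu bytes -> %d\n", n, simulate_call(n));
    return 0;
}
```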


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds