| A. Snarskii, "FreeBSD Stack integrity patch," ftp://ftp.lucky.net/pub/unix/local/libc-letter, 1997. |
.... details about the art of writing buffer overflow exploits, we refer the interested reader to the wealth of publications on the issue (e.g. [1, 16]). Various proactive and reactive solutions have been proposed that are characterized by different targets, i.e. source or executable code (e.g. [20, 10, 19, 4]). In order to devise a filtering scheme that will protect the system from root compromise via buffer overrun, we characterize the necessary conditions for a buffer overrun to succeed. The critical components of such an attack are the setuid to root program and the possibility of passing ....
A. Snarskii, "FreeBSD Stack integrity patch," ftp://ftp.lucky.net/pub/unix/local/libc-letter, 1997.
....the right code fragment can be found within the body of the program itself. Thus additional protection for critical data structures such as function pointers and function return addresses, as described in Section 5.4. 6.2 FreeBSD Stack Integrity Check: Alexander Snarskii developed a FreeBSD patch [22] that does similar integrity checks to those used by the Canary variant of StackGuard. However, these integrity checks were non-portable, hard-coded in assembler, and embedded in libc. This method protects against stack smashing attacks inside libc, but is not as general as StackGuard. 6.3 Array ....
Alexander Snarskii. FreeBSD Stack Integrity Patch. ftp://ftp.lucky.net/pub/unix/local/libc-letter, 1997.
CiteSeer.IST - Copyright Penn State and NEC