Hello, on http://lists.suse.com/archive/suse-security/2003-Dec/0051.html I read that the SuSE 9.0 update kernel contains Stack Overflow Protection. I tested this with a short example from an article in the German computer magazine c't ("Das Sicherheitsloch", c't 23/2001, p. 216) 1 void function(int a, int b, int c) { 2 char buffer1[8]; 3 char buffer2[16]; 4 int *ret; 5 6 ret = buffer1 + 12; 7 (*ret) += 8; 8 } 9 10 void main() { 11 int x; 12 13 x = 0; 14 function(1,2,3); 15 x = 1; 16 printf("%d\n",x); 17 } On SuSE 9.0 this produces "1", which is correct, on an old machine it produces "0", which is incorrect. My questions are now: 1. Does this protection have any disadvantages? 2. Will it be included in future versions of the vanilla kernel? 3. Why is this a "hidden feature"? Why doesn't SuSE let the people know that they've included this stack overflow protection? Regards, Bernhard