[...]

Von: Jan Luehr [mailto:jluehr@gmx.net] Gesendet am: Mittwoch, 13. März 2002 18:28 An: suse-security@suse.com Betreff: [suse-security] Protecting against BufferOverflows

greetings

are there any kernel patches or other things, defending suse linux against Bufferoverwflows? [...]

Yes there are some. One of the well-known patches is Solar Designer's kernel patch, which you will find here: http://www.openwall.com/linux/ It adds an additional security menu to the kernel config, for things like non-executable user stack area, restricted links, etc. But be careful. A quote from the patch README: "However, note that this patch is by no means a complete solution, it just adds an extra layer of security. Many buffer overflow vulnerabilities will remain exploitable a more complicated way, and some will even remain unaffected by the patch. The reason for using such a patch is to protect against some of the buffer overflow vulnerabilities that are yet unknown." This is not only directed at the Solar Designer patch, but also to such kind of patches in general; there are numerous exploits out there which recognise these patches and try to sneak past them (which is possible, tho harder to accomplish). Boris Lorenz ---