[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ANNOUNCE] glibc heap protection patch

To: "Eugene Tsyrklevich" <eugene@securityarchitects.com>
Subject: Re: [ANNOUNCE] glibc heap protection patch
From: William Robertson <wkr@cs.ucsb.edu>
Date: Wed, 3 Dec 2003 11:33:56 -0800

On Dec 03, 2003, at 01:52, Eugene Tsyrklevich wrote:

indeed, it should

This has been patched to use /dev/urandom in v1.4, which also fixes a couple of other issues.

have you seen http://synflood.at/contrapolice/? your paper did not mention this.

We didn't find this when we did our related work search back during late spring, but Andreas contacted me after our announcement. From looking at the code, I don't think the goals are quite the same. We only try to protect the chunk headers, but it seems that he wants instead to protect data contained in the user-visible memory region. This would be nice, but I think this has its own set of issues.

any plans on porting this to OpenBSD (and saving me time :)?

I've started looking at it, but I don't think I'll have time to seriously evaluate the situation there for a week or two, so feel free. :-)

eugene


--
William Robertson
Reliable Software Group, UC Santa Barbara
http://www.cs.ucsb.edu/~wkr/

References:
- [ANNOUNCE] glibc heap protection patch
  - From: William Robertson <wkr@cs.ucsb.edu>
- Re: [ANNOUNCE] glibc heap protection patch
  - From: "Eugene Tsyrklevich" <eugene@securityarchitects.com>
- Re: [ANNOUNCE] glibc heap protection patch
  - From: William Robertson <wkr@cs.ucsb.edu>

Prev by Date: Re: [ANNOUNCE] glibc heap protection patch
Next by Date: Re: Altova XMLSpy "phones home" user data
Previous by thread: Re: [ANNOUNCE] glibc heap protection patch
Next by thread: Re: [ANNOUNCE] glibc heap protection patch
Index(es):
- Date
- Thread