On Wed, Oct 22, 2003 at 10:16:02AM -0700, Edward W. Ray wrote:
> Linux is the hands of someone with no interest or regard for security is the
> same as Windows or any other OS in the hands of the same clueless
> individual. The main difference between the Linux and Unix variants (i.e.
> BSD, Solaris, HP-UX) is that they have already learned their lesson regarded
> buffer overflows and kernel hardening and allowed the user more control in
> securing their systems. M$ has not, and that is unfortunate.
Speaking about kernel hardening, I was wondering if anyone on the list could
comment on Ingo Molnar's Exec Shield Linux kernel patches.
How effective do you think they are? Would it actually make some holes more
difficult to exploit? Impossible to exploit? Obviously its not a 100%
blanket protection against buffer overflows (as acknowledged by the author),
but does anyone here think it could be worthwhile?
Details and patches are here:
http://people.redhat.com/mingo/exec-shield/ANNOUNCE-exec-shield
http://people.redhat.com/mingo/exec-shield/
Thanks,
-Chris
Attachment:
pgp00108.pgp
Description: PGP signature