StackGuard: Automatic Protection From Stack-smashing Attacks (fwd)
Mike Kabrianis
mkabrian at auadec.aua.ariadne-t.gr
Thu Oct 23 09:24:23 EEST 1997
Gia rixte tou mia matia...
>To: BUGTRAQ at NETSPACE.ORG
>
>StackGuard: Automatic Detection and Prevention of Buffer-Overflow Attacks
>
>StackGuard provides a systematic solution to the persistent problem of
>buffer overflow attacks. Buffer overflow attacks gained notoriety in
>1988 as art of the Morris Worm incident on the Internet. While it is
>fairly simple to fix individual buffer overflow vulnerabilities, buffer
>overflow attacks continue to this day. Hundreds of attacks have been
>discovered, and while most of the obvious vulnerabilities have now been
>patched, more sophisticated buffer overflow attacks continue to emerge.
>
>StackGuard is a simple compiler technique that virtually eliminates
>buffer overflow vulnerabilities with only modest performance penalties.
>Privileged programs that are recompiled with the StackGuard compiler
>extension no longer yield control to the attacker, but rather enter
>fail-safe state. These programs require no source code changes at all,
>and are binary-compatible with existing operating systems and libraries.
>
>StackGuard is intended to protect buggy software against stack smashing
>attacks, even those attacks that have not yet been discovered. For
>instance, even though StackGuard was developed prior to the public
>announcement Samba stack smashing vulnerability, the same vulnerable
>Samba code when compiled with StackGuard protection was not vulnerable
>to the attack.
>
>A paper describing StackGuard will appear in the 1998 USENIX Security
>Conference. A pre-print of the paper is available (postscript and
>HTML) here:
>
>http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/
>
>Source for the StackGuard-enhanced gcc is also here. This software is
>available under the usual GPL (GNU Public License) rules. Security people
>are invited to download and evaluate StackGuard.
>
>StackGuard may be of particular interest to system administrators
>seeking to protect their hosts from attack. The compiler is very stable;
>for instance, a StackGuard-enhanced gcc can compile itself correctly.
>Programs compiled with StackGuard should both compile and link without
>complaint. However, since this is a first release of StackGuard, I
>still recommend that privileged software be kept up to date with respect
>to security announcements.
>
>I am very interested in feedback on StackGuard. Naturally, all the usual
>feedback is requested (bugs, security vulnerabilities, comments on the
>design, etc.). Of *particular* interest is any alarms that StackGuard
>sets off: if someone attempts to apply a stack-smashing attack to
>a StackGuard-protected program, the program will halt with an error
>message instead of yielding a root shell. This message *may* indicate
>the discovery of a new stack-smashing vulnerability: please report it
>both to me. If your version of the program is current, then you may
>also wish to report the problem to the author of the program in question.
>
>I wish to thank the many contributors to the BUGTRAQ mailing list. The
>background information provided by BUGTRAQ was invaluable to this
>research. I am aware that there are other stack smashing solutions,
>and they are described and cited in the paper.
>
>Crispin
>-----
>Crispin Cowan, Research Assistant Professor of Computer Science
>Oregon Graduate Institute | Electronically:
>Department of Computer Science | analog: 503-690-1265
>PO Box 91000 | digital: crispin at cse.ogi.edu
>Portland, OR 97291-1000 | URL: http://www.cse.ogi.edu/~crispin/
> Knowledge is to Wisdom as Data is to Code
>
Mixalis Kabrianis
mkabrian at auadec.aua.ariadne-t.gr
Network Management Center
Agricultural University of Athens
--
====================================================================
Gia boithia (h na diagrafhte) e-mail sto majordomo at argos.hol.gr
Ta archives tis listas einai sto http://www.argos.hol.gr/lists :
prin steilete kapoia erothsh psakte mipos exei hdh apanththei.
Gia opoiodipote problima stilte e-mail ston owner-linux-greek-users
====================================================================
More information about the Linux-greek-users
mailing list