The discussion about the various techniques for buffer overflow
prevention is very interesting, but if the target is to prevent the
security threats caused by buffer overflows, then one should look for
an operating system base solution, since it is an OS issue to enforce
the security. Solutions based on the control of system calls execution
like systrace (http://www.citi.umich.edu/u/provos/systrace/) or
remus (http://remus.sourceforge.net/) are just two possible examples of
such approach.
Massimo
--- Massimo Bernaschi: Istituto Applicazioni del Calcolo ----
| IAC-CNR | e-mail: massimo (at) iac.cnr (dot) it [email concealed] |
| V.le del Policlinico 137 | phone: +39 06 88470229 |
| 00161 Roma - ITALY | fax: +39 06 4404306 |
------------------------------------------------------------------------
---
|See http://www.iac.cnr.it/~massimo for my GPG public key or check |
|GnuPG Public Key Fingerprint (keyserver.linux.it) |
|pub 1024/CAA3FB48 2001/01/04 Massimo Bernaschi <massimo (at) iac.rm.cnr (dot) it [email concealed]> |
| Key fingerprint = 3EFF 7AFF F8A4 F34E 382B DD81 57F3 700A CAA3 FB48|
------------------------------------------------------------------------
---
prevention is very interesting, but if the target is to prevent the
security threats caused by buffer overflows, then one should look for
an operating system base solution, since it is an OS issue to enforce
the security. Solutions based on the control of system calls execution
like systrace (http://www.citi.umich.edu/u/provos/systrace/) or
remus (http://remus.sourceforge.net/) are just two possible examples of
such approach.
Massimo
--- Massimo Bernaschi: Istituto Applicazioni del Calcolo ----
| IAC-CNR | e-mail: massimo (at) iac.cnr (dot) it [email concealed] |
| V.le del Policlinico 137 | phone: +39 06 88470229 |
| 00161 Roma - ITALY | fax: +39 06 4404306 |
------------------------------------------------------------------------
---
|See http://www.iac.cnr.it/~massimo for my GPG public key or check |
|GnuPG Public Key Fingerprint (keyserver.linux.it) |
|pub 1024/CAA3FB48 2001/01/04 Massimo Bernaschi <massimo (at) iac.rm.cnr (dot) it [email concealed]> |
| Key fingerprint = 3EFF 7AFF F8A4 F34E 382B DD81 57F3 700A CAA3 FB48|
------------------------------------------------------------------------
---
[ reply ]