|
|
BugTraq
http://www.smashguard.org Jan 30 2004 11:34PM Hilmi Ozdoganoglu (cyprian purdue edu) (2 replies) RE: http://www.smashguard.org Feb 03 2004 12:36PM Dave Paris (dparis w3works com) (2 replies) RE: http://www.smashguard.org Feb 06 2004 08:29PM Hilmi Ozdoganoglu (cyprian purdue edu) (3 replies) Re: http://www.smashguard.org Feb 07 2004 11:44PM Crispin Cowan (crispin immunix com) (2 replies) Re: http://www.smashguard.org Apr 29 2004 09:55PM Pavel Machek (pavel ucw cz) (3 replies) Re: http://www.smashguard.org Apr 29 2004 11:24PM Crispin Cowan (crispin immunix com) (2 replies) Re: http://www.smashguard.org Feb 07 2004 03:27PM Theo de Raadt (deraadt cvs openbsd org) (1 replies) |
|
Privacy Statement |
Certain apps (notably java virtual machines) manipulate stack return
addresses. I understood that one of the advantages of Immunix's product
StackGuard was that you could still run these types of apps by
statically linking them against a normal libc (and chrooting them or
otherwise confining them). If the protection is mandatory, and in
hardware, then surely these types of app wont work.
Cheers,
Leon
Hilmi Ozdoganoglu wrote:
> SmashGuard is a hardware-based solution developed at Purdue
>University to prevent Buffer-Overflow Attacks realized by overwriting the
>Function Return Address (patent-pending). The design of SmashGuard is a
>kernel patch that supports CPUs modified to support SmashGuard protection.
>
> For details please refer to the TechReports at:
>
> http://www.smashguard.org
>
> In addition to details of SmashGuard, the site serves as a comprehensive
>resource for buffer overflow attacks/prevention/detection. On "the buffer
>overflow page" we provide links to research papers, known exploits, safer
>C languages, patents, audit tools and more. If you can think of a site or
>resource that should be added please send email to our webmaster
>(cyprian (at) purdue (dot) edu [email concealed])
>
>-SmashGuard Group
>
[ reply ]