Stack-Smashing Protection Added To OpenBSD gcc 44
DieNadel writes "As posted here, support to ProPolice was added to OpenBSD. You can check the announcement. Note that THERE ARE dependencies that should be taken care of before building a new kernel, even on -stable."
Re:Tsarkon Reports: More from this Shit Project? (Score:2, Informative)
I really shouldn't respond to trolls, but I guess I am anyway. StackGuard is only currently implemented on x86, but I don't think it actually depends on any x86-isms; likewise, even though it is currently only implemented in Linux, it doesn't really depend on any Linux-isms. It's only limited to Linux x86 because that's all anyone with time or money ever bothered to implement it on. I'm told that a GCC 3 implementation is nearly done. I ask about it everytime I venture downtown to have lunch with the WireX folks (I used to work there, but not in the research side).
Re:Tsarkon Reports: More from this Shit Project? (Score:2, Insightful)
Hmm...then how come I have it on my OpenBSD/macppc system?
As for GCC3, well, check http://www.trl.ibm.com/projects/security/ssp/stat
Re:Tsarkon Reports: More from this Shit Project? (Score:1)
Re:Tsarkon Reports: More from this Shit Project? (Score:1)
There's a chance, if someone is willing to port it or maybe if Sun funds it. But the SPARC architecture, while interesting technologically, isn't interesting economically (hence the fact that many of the commerical distros have stopped supporting it) as a Linux platform. Plus, according to the link above, IBM has something based on SG that seems to be already on SPARC.
Performance? (Score:3, Interesting)
of the generated executables?
yes (Score:4, Informative)
Re:Performance? (Score:1)
Not -stable, only -current (Score:5, Informative)
building a new kernel, even on -stable.
No, no, no - propolice has only been added into the -current tree, so if you are tracking -stable, continue as before. Only critical fixes go into -stable, certainly nothing as huge as a big GCC patch.
well isn't this just gosh darn great! (Score:4, Insightful)
Spaf: You can't secure a machine with a privileged user.
Re:well isn't this just gosh darn great! (Score:2)
on which platforms do stacks NOT already grow downward?
Re:well isn't this just gosh darn great! (Score:3, Informative)
Re:well isn't this just gosh darn great! (Score:1)
Multics, according to a paper I have lying around here somewhere.
It has nothing to do with stack growth direction. (Score:2, Informative)
Re:well isn't this just gosh darn great! (Score:3, Interesting)
*Ahem*. No matter which way you go, you will hit something eventually. Throw a ton of noops into the stack, followed by the shellcode, and you've exploited an incrementing* stack.
* Terms like up & down don't work very well when talking about virtual space, as people may envision it differently. You seem to think of a higher memory address as "down"; others do not.
That's nice to hear, but I completely disagree. The only problems it has ever caused is the fact that people are lazy and run everything as Root. Run every service as a normal user, remove SUID everywhere possible, and there is no way anyone can break-in, without a very bad kernel bug, or some sort of system misconfiguration.
Re:well isn't this just gosh darn great! (Score:4, Insightful)
Just look at how complicated sshd has had to become to try to prevent these kinds of problems. It's unacceptable that every program which needs to do one minor root-only task needs to be this complicated.
Systems which use explicit non-indirected resource-specific privilige tokens (so you can bestow on an application the rights to do exactly what it needs to be able to do, and nothing more) are much less susceptible to such bugs/attacks.
Re:well isn't this just gosh darn great! (Score:2)
Well, there are some ways around that. Probably the best solution to date is systrace, which can give each application only the privlidges it needs.
SSH needs to perform many privlidged operations. It's complexity is both because of that, and because they have gone to great legnths to make sure a serius bug will still not result in exploitation.
There is now a privlidge seperation library, so a program can utilize that same protection without nearly as much work.
OpenBSD has lots of new coolness (Score:5, Interesting)
Re:OpenBSD has lots of new coolness (Score:2)
I'm wondering if there are plans to use systrace to get around the super-user requirement for binding to low ports. That would pretty cool.