|
Bugtraq
mailing list archives
Re: fixing all buffer overflows --- random magin numbers
From: nmanisca () VT EDU (nm)
Date: Sun, 12 Sep 1999 20:43:42 -0400
Neat idea.
But, couldn't someone just take a common binary (say ls) that exists
on the target system and reverse engineer it and begin to make a mapping
of numbers to syscalls.
Nick Maniscalco
At 09:37 PM 9/11/99 -0400, Dr. Joel M. Hoffman wrote:
I was thinking --- it wouldn't be too hard to make buffer overflow
attacks impossible. The basic idea is to do away with binary
compatibility.
In particular, I was thinking that part of building a kernel would
involve assigning a random number to each syscall, and creating a
syscall.h file with these random numbers. A binary would only run if
it was compiled with the proper syscall.h, so all binaries would have
to be recompiled for the new kernel, but then, syscall.h could be
removed, and the system would be impervious to buffer overflow
attacks. (One step further would involve random magic numbers in
every function call.)
I would be happy to give up binary compatilibyt for the added security
it would add.
Comments?
-Joel Hoffman
(joel () exc com)
 By Date 
By Thread
Current thread:
- Re: fixing all buffer overflows --- random magin numbers nm (Sep 12)
|
Intro
