mailing list archives
A buffer overflow study - generic protections
From: Vincent <glaume () enseirb fr>
Date: Wed, 27 Mar 2002 00:32:02 +0100
Hi all !
As computer science students, a friend and I have just ended a study on buffer
overflows and the existing protections a Linux system may use against them.
This study deals with the various kinds of overflows (heap, stack) to
understand how they work and how they may be used to execute malicious code;
then it focuses on a few Linux solutions (Grsecurity features, Libsafe...),
and explains how they behave, which kinds of exploits they prevent
It aims at presenting an overview of generic solutions which may be applied to
a whole system, although it is a non-exhaustive one.
People interested in the document may have a look there:
The report is available online in html format, or you may pick up the pdf
version... Every comment is more than welcome!
PS: I've decided to post this to the selected lists as I think readers may be
feel interested in our study, sorry if this is not the case...
- A buffer overflow study - generic protections Vincent (Mar 27)