Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: Buffer overflow prevention
From: Massimo Bernaschi <massimo () iac rm cnr it>
Date: Fri, 15 Aug 2003 19:37:06 +0200

The discussion about the various techniques for buffer overflow
prevention is very interesting, but if the target is to prevent the 
security threats caused by buffer overflows, then one should look for
an operating system base solution, since it is an OS issue to enforce
the security. Solutions based on the control of system calls execution
like systrace (http://www.citi.umich.edu/u/provos/systrace/) or 
remus (http://remus.sourceforge.net/) are just two possible examples of
such approach.

Massimo

--- Massimo Bernaschi: Istituto Applicazioni del Calcolo ---- 
|  IAC-CNR                  | e-mail: massimo () iac cnr it    |
|  V.le del Policlinico 137 | phone: +39 06 88470229        |
|  00161 Roma - ITALY       | fax:   +39 06 4404306         |
---------------------------------------------------------------------------
|See http://www.iac.cnr.it/~massimo for my GPG public key or check        |
|GnuPG Public Key Fingerprint (keyserver.linux.it)                        |
|pub  1024/CAA3FB48 2001/01/04 Massimo Bernaschi <massimo () iac rm cnr it>  |
|     Key fingerprint = 3EFF 7AFF F8A4 F34E 382B  DD81 57F3 700A CAA3 FB48|
---------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]