Home page logo

oss-sec logo oss-sec mailing list archives

Re: CVE request - Linux kernel: VFAT slab-based buffer overflow
From: Yves-Alexis Perez <corsac () debian org>
Date: Tue, 26 Feb 2013 22:38:46 +0100

On mar., 2013-02-26 at 14:05 -0700, Kurt Seifried wrote:
The problem with security is you have to basically do it 100%
correctly 100% of the time

You can also look at other, more proactives approaches (hardening the
memory layout, enforcing W^X etc.). Even hardening userland might help

This is basically what's done in hardening patches like PaX/Grsecurity
(with active exploit response on top). And yes, it comes at a cost, like


Attachment: signature.asc
Description: This is a digitally signed message part

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]