Firewall Wizards mailing list archives

RE: Obtuse smtpd


From: Craig Woods <craigw () november cistw saic com>
Date: Thu, 2 Jul 1998 09:23:44 -0700

The Oregon Graduate Institute of Science and Technology is working on a
project called Immunix.  They produced a gcc add-on called StackGuard.
StackGuard adds canaries to the stack.  Canaries are values that are
put on the stack before a function call and checked when the call
returns. A stack smashing attack will 'kill' the canary and the program
will abort.  There are probably better ways of doing this.  The
StackGuard web page http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/
also mentions something called MemGuard that uses Pentium registers to
do VM protection down to the single word, thus detecting stack
overwrites immediately instead of when the function exits.  If anyone
knows more please chime in.  I, for one, would like to know if any Unix
vendors (Sun?) have put protection like this into their compilers.
-Craig.

-----Original Message-----
From: Oddbjorn Steffensen [mailto:oddbjorn () oddbjorn bdc no]
Sent: Wednesday, July 01, 1998 11:40 PM
To: craigw () leopard cistw saic com
Subject: Re: Obtuse smtpd


features and, since it is source code, you can compile it with an
anti-stack-smashing add-on to gcc.  

Do you have any pointers to more information on this ?

Craig

-oddbjørn

_________________________________________________________________________
If you assume that there's no hope,              http://oddbjorn.bdc.no/
you guarantee that there will be no hope.
-- Noam Chomsky                               FreeBSD: The Power to Serve
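
The canary check described in the reply above, as an added example that is not part of the original posts and is not StackGuard's own code. It simulates one stack frame as a byte array; the frame layout, the names (`guarded_call`, `frame_result`) and both constants are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simulated frame layout (an assumption for illustration):
 * [ 16-byte local buffer | 8-byte canary | 8-byte saved return address ] */
enum { BUF_LEN = 16, CANARY_OFF = 16, RET_OFF = 24, FRAME_LEN = 32 };

static const uint64_t CANARY    = 0x5ca1ab1e1badc0deULL; /* constructed value */
static const uint64_t SAVED_RET = 0x0000000000401136ULL; /* constructed value */

typedef struct {
    int canary_intact; /* 1 if the check at function exit passes */
    int ret_intact;    /* 1 if the saved return address is unchanged */
} frame_result;

/* Plays the role of a function that copies n bytes into its local buffer
 * without comparing n to BUF_LEN. n is clamped to FRAME_LEN only so that
 * the simulation itself never writes outside its own array. */
frame_result guarded_call(const unsigned char *input, size_t n)
{
    unsigned char frame[FRAME_LEN] = {0};
    uint64_t seen_canary, seen_ret;
    frame_result r;

    /* Entry: the canary sits between the locals and the return address. */
    memcpy(frame + CANARY_OFF, &CANARY, sizeof CANARY);
    memcpy(frame + RET_OFF, &SAVED_RET, sizeof SAVED_RET);

    if (n > FRAME_LEN) n = FRAME_LEN;
    memcpy(frame, input, n);               /* function body: unchecked copy */

    /* Exit: compare the canary before the return address would be used.
     * A real guard aborts the program here when the values differ. */
    memcpy(&seen_canary, frame + CANARY_OFF, sizeof seen_canary);
    memcpy(&seen_ret, frame + RET_OFF, sizeof seen_ret);
    r.canary_intact = (seen_canary == CANARY);
    r.ret_intact = (seen_ret == SAVED_RET);
    return r;
}

int main(void)
{
    unsigned char in[FRAME_LEN];
    size_t sizes[] = { 16, 20, 32 };
    memset(in, 'A', sizeof in);            /* constructed input */
    for (size_t i = 0; i < 3; i++) {
        frame_result r = guarded_call(in, sizes[i]);
        printf("%2zu bytes: canary %s, return address %s\n", sizes[i],
               r.canary_intact ? "intact" : "killed -> abort",
               r.ret_intact ? "intact" : "overwritten");
    }
    return 0;
}
```

A contiguous overwrite has to cross the canary before it reaches the saved return address, so the 20-byte case is caught even though the return address is still intact; in every case the check runs only at function exit, which is the delay the MemGuard remark refers to.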


