4888923 2000-03-12  00:31  /40 rader/ Brevbäraren (som är implementerad i) Python
Mottagare: Bugtraq (import) <10184>
Ärende: Linux patch for blocking buffer overflow based attacks
------------------------------------------------------------
--------
From

http://www.iac.rm.cnr.it/newweb/tecno/software/indexsoftware.htm

is available a patch to the Linux kernel that  we developed for
blocking (most) buffer overflow based attacks.  Basically we
instrument some "critical" systems calls (execve, chmod,...) to check
a database of information provided by the system administrator by
means of a modified chmod command (also included in the software).  A
README file explains the installation procedure whereas a paper
(BufOverA.ps.gz), that is submitted to the 9 Usenix Security
Symposium, describes the details of our approach.  We like to stress
that this is NOT an alternative to solutions like StackGuard or ITS4
rather it should be considered an additional protection mechanism.
The code has been tested for several months in our organizations
(Rome University "La Sapienza" and Institute for Computing
Applications) and should be compatible with any kernel >= 2.2.12-20.
For any question, comment, suggestion, send a note to:
emgab@tiscalinet.it.

Have a nice day,
Massimo



--- Massimo Bernaschi: Istituto Applicazioni del Calcolo ----
|  IAC-CNR                  | e-mail: massimo@iac.rm.cnr.it |
|  V.le del Policlinico 137 | phone: +39 06 88470229        |
|  00161 Roma - ITALY       | fax:   +39 06 4404306         |
-------------------------------------------------------------
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2

mQBtAzjE14kAAAEDALqbd8BzUQllZNgJlZZWUAd+ztvVgnHE2cOlPURH3r+OjIus
ndHD2YZa73wI7FljN0EXHhgaxIUqfozjKwLd/Eeo9KHletO3p9XNyicq1Wx6Q3h5
sba4wj6EfYuLyKy33QAFEbQHbWFzc2ltbw==
=rIXA
-----END PGP PUBLIC KEY BLOCK-----
(4888923) ------------------------------------------(Ombruten)