On Tue, 2004-04-20 at 00:46, Robert Connolly wrote:
> On April 20, 2004 12:02 am, Ned Ludd wrote:
> > On Mon, 2004-04-19 at 22:29, Robert Connolly wrote:
> > > On April 19, 2004 09:16 pm, Ned Ludd wrote:
> > > > On Mon, 2004-04-19 at 17:55, Robert Connolly wrote:
> > > >>...
> > > >
> > > > Could you test the following attachment (guard-test) a few times and
> > > > post the results? Mainly I'd like to verify that your __guard is
> > > > in fact working as expected. (It should SEGFAULT or SIGABRT)
> > >
> > > ./guard-test
> > > main = 0x800009d4;
> > > __guard = 0x4012aba0;
> > > __stack_smash_handler = 0x4002de50;
> > > __guard = 0x4012aba0;
> > > __stack_smash_handler = 0x4002de50;
> > > guard-test: stack smashing attack in function mainAborted
> >
> > And how about a second run... __guard is at a different location?
>
> No. The addresses do not change. btw, the addresses do not change using Etoh/
> obsd's ssp either (using arandom). I don't have a system with ssp urandom to
> compare to right now.
25 |
|
26 |
|
27 |
If the address does not change then it does not work. |
28 |
|
29 |
Example of a working __guard_setup() |
30 |
|
31 |
solar@simple ssp $ ./guard-test | grep guard |
32 |
__guard = 0x2c773340; |
33 |
solar@simple ssp $ ./guard-test | grep guard |
34 |
__guard = 0x244be340; |
35 |
|
>
> > What would be the point of even looking for /dev/{e,f} if the sysctl()
> > failed? Either we are using frandom or not. Right?
>
> If it's a module /dev/erandom will still work if sysctl doesn't.

Ok then the code would/should look something like this.
if ((i = open("/dev/erandom", 0)) == (-1))
	i = open("/dev/urandom", 0);

>
> > I would think the logic would work something like this untested
> > attachment.
>
> Yes.
>
>
>
> --
> gentoo-hardened@g.o mailing list
--
Ned Ludd <solar@g.o>
Gentoo Linux Developer
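
An added example, not part of the original message or of the SSP source: the erandom-then-urandom fallback sketched in the message above, written out in C with short-read handling and an explicit result when no device can be used. guard_fill(), read_full() and the fixed fallback pattern are assumptions of this example.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Read exactly len bytes, retrying on EINTR and short reads. */
static int read_full(int fd, unsigned char *buf, size_t len)
{
    size_t got = 0;
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n > 0)
            got += (size_t)n;
        else if (n == 0 || errno != EINTR)
            return -1;              /* EOF or hard error */
    }
    return 0;
}

/* Hypothetical helper, not the SSP source: fill guard[] from the first
 * path that opens and yields len bytes. Returns that path's index, or -1
 * after writing a fixed pattern (this example's assumption). */
int guard_fill(unsigned char *guard, size_t len,
               const char *const paths[], size_t npaths)
{
    static const unsigned char fixed[4] = { 0, 0, '\n', 0xff };
    for (size_t i = 0; i < npaths; i++) {
        int fd = open(paths[i], O_RDONLY);
        if (fd == -1)
            continue;               /* e.g. erandom module not loaded */
        int rc = read_full(fd, guard, len);
        close(fd);
        if (rc == 0)
            return (int)i;
    }
    for (size_t i = 0; i < len; i++)    /* same value on every run */
        guard[i] = fixed[i % sizeof fixed];
    return -1;
}

int main(void)
{
    static const char *const devs[] = { "/dev/erandom", "/dev/urandom" };
    unsigned char g[8];
    int used = guard_fill(g, sizeof g, devs, 2);
    printf("guard source: %s\n", used < 0 ? "none, fixed value" : devs[used]);
    return used < 0;
}
```

A return value of -1 is the case worth logging: the guard is then the same on every run, which is the symptom the guard-test output is being checked for.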