On April 20, 2004 12:02 am, Ned Ludd wrote:
> On Mon, 2004-04-19 at 22:29, Robert Connolly wrote:
> > On April 19, 2004 09:16 pm, Ned Ludd wrote:
> > > On Mon, 2004-04-19 at 17:55, Robert Connolly wrote:
> > >>...
> > >
> > > Could you test the following attachment (guard-test) a few times and
> > > post the results? Mainly I'd like to verify that your __guard is
> > > in fact working as expected. (It should SEGFAULT or SIGABRT)
> >
> > ./guard-test
> > main = 0x800009d4;
> > __guard = 0x4012aba0;
> > __stack_smash_handler = 0x4002de50;
> > __guard = 0x4012aba0;
> > __stack_smash_handler = 0x4002de50;
> > guard-test: stack smashing attack in function mainAborted
>
> And how about a second run... __guard is at a different location?
|
No. The addresses do not change. btw, the addresses do not change using Etoh/
obsd's ssp either (using arandom). I don't have a system with ssp urandom to
compare to right now.
|
> What would be the point of even looking for /dev/{e,f} if the sysctl()
> failed? Either we are using frandom or not. Right?
|
If it's a module /dev/erandom will still work if sysctl doesn't.
|
> I would think the logic would work something like this untested
> attachment.
|
Yes.
|

--
gentoo-hardened@g.o mailing list
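
The device fallback discussed in the message above (try /dev/erandom, which can exist even when the sysctl() path does not, then the next source), as an added example that is not code from the thread or its attachments. `guard_setup` and `read_all` are hypothetical names, the sysctl() step is left out because its parameters are not given in the message, and both /dev/urandom as the second source and the fixed terminator-canary fallback are assumptions.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Read exactly len bytes from path; 0 on success, -1 on any failure. */
static int read_all(const char *path, unsigned char *buf, size_t len)
{
    int fd = open(path, O_RDONLY);
    size_t got = 0;
    if (fd < 0)
        return -1;
    while (got < len) {
        ssize_t n = read(fd, buf + got, len - got);
        if (n <= 0)               /* error or EOF before the guard is full */
            break;
        got += (size_t)n;
    }
    close(fd);
    return got == len ? 0 : -1;
}

/* Fill guard from the first source that delivers len bytes.
 * Returns the index of the source used, or -1 when every source failed
 * and the fixed terminator canary (assumed fallback) was written instead. */
int guard_setup(const char *const *srcs, size_t nsrcs,
                unsigned char *guard, size_t len)
{
    static const unsigned char term[4] = { 0, 0, '\n', 255 };
    size_t i;

    for (i = 0; i < nsrcs; i++)
        if (read_all(srcs[i], guard, len) == 0)
            return (int)i;

    memset(guard, 0, len);        /* discard any partial read */
    memcpy(guard, term, len < sizeof term ? len : sizeof term);
    return -1;
}

int main(void)
{
    const char *srcs[] = { "/dev/erandom", "/dev/urandom" };
    unsigned char guard[8];
    int used = guard_setup(srcs, 2, guard, sizeof guard);
    printf("guard source: %s\n", used < 0 ? "terminator canary" : srcs[used]);
    return 0;
}
```

A return of -1 means the guard holds a predictable value, so a caller that logs the return code makes that degraded state visible.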