List Archive: gentoo-security
Headers:
To: gentoo-security@g.o
From: John Chronister <chron@...>
Subject: Re: propolice on amd64
Date: Tue, 20 Jan 2004 17:18:36 +0100
Ned Ludd wrote:

>On Mon, 2004-01-19 at 10:21, Joseph Pingenot wrote:
>
>>From John Chronister on Monday, 19 January, 2004:
>>
>>>how do i get stack smashing protection on amd64?  i am using the latest 
>>>experimental amd64 live cd.
>>>-chron
>>
>>You don't.  IIRC, linux sets the stack noexec on amd64, and amd64 processors
>>  honor it.  Remember the hullaballoo about Microsoft doing the same thing?
>
>Simply trying to take advantage of the NX bit on the 64 bit arch won't
>do the job alone of preventing arbitrary code execution which I assume
>is the goal here.
>He in fact will want to enable ssp on the amd64 as well as have a kernel
>that can take advantage of it. As far as I'm aware of PaX
>http://pax.grsecurity.net/ is the only kernel patch that will let you
>take advantage of the NX bit on any of the 64 bit arches.
>
>solar@amd64 solar $ cat vuln.c 
>#include <string.h>
>int main(int argc, char **argv) {
>	char buf[10];
>	strcpy(buf, argv[1]);
>	return 0;
>}
>solar@amd64 solar $ make vuln
>gcc     vuln.c   -o vuln
>solar@amd64 solar $ ./vuln 12345678901234567890123456789012345678901
>Segmentation fault
>solar@amd64 solar $ gcc     vuln.c   -o vuln -fstack-protector
>solar@amd64 solar $ ./vuln 12345678901234567890123456789012345678901
>vuln: stack smashing attack in function main 
>Aborted
>
>Here is my suggestion for a secure set of CFLAGS for the amd64 after
>getting and applying the PaX patch for amd64 and enabling Address Space
>Layout Randomizations.
>
>CFLAGS="${CFLAGS} -fomit-frame-pointer -fstack-protector -fPIC -pie
>-fforce-addr"
>
>This will build you a position independent executable without debugging
>frames as well as force memory address constants to be copied into
>registers before any arithmetic is performed on them.
>
>The hardened project at gentoo is planning on releasing stages which
>have this same set of flags enabled after gcc-3.3.x goes stable.
>
>[snip]
>
>>Many thanks to the amd64 kernel hackers!
>>
>>-Joseph

First let me say thank you for your response.  I did a build normally 
for now.  I will look into this later.

Thank You Again,

-chron



--
gentoo-security@g.o mailing list
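
An added example, not part of the original messages or of any Gentoo or PaX code: a small C checker that tests an ELF64 binary for the three properties the suggested CFLAGS and kernel setup aim at (PIE, a non-executable stack marking, stack-protector instrumentation). It assumes current GNU toolchain conventions (`ET_DYN` for `-pie`, a `PT_GNU_STACK` program header, the `__stack_chk_fail` symbol), which may differ from what the 2004 ProPolice and PaX builds in the thread emitted; `elf_hardening`, `make_sample` and the `HARD_*` flags are hypothetical names, and the sample image is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { HARD_PIE = 1, HARD_NX_STACK = 2, HARD_SSP = 4, HARD_BAD_ELF = 128, SAMPLE_LEN = 160 };

static uint64_t rd(const uint8_t *p, int n) {       /* n-byte little-endian field */
    uint64_t v = 0;
    while (n--) v = (v << 8) | p[n];
    return v;
}

int elf_hardening(const uint8_t *img, size_t len) { /* returns a HARD_* bitmask */
    static const char sym[] = "__stack_chk_fail";   /* assumed modern SSP handler name */
    int flags = 0;
    if (len < 64 || memcmp(img, "\177ELF", 4) || img[4] != 2 || img[5] != 1) return HARD_BAD_ELF;
    if (rd(img + 16, 2) == 3) flags |= HARD_PIE;    /* e_type == ET_DYN, as -pie emits */
    uint64_t phoff = rd(img + 32, 8), entsz = rd(img + 54, 2), n = rd(img + 56, 2);
    if (n && (phoff > len || entsz < 56)) return HARD_BAD_ELF;
    for (uint64_t i = 0; i < n; i++) {              /* look for PT_GNU_STACK without PF_X */
        uint64_t off = phoff + i * entsz;
        if (off > len || len - off < 56) return HARD_BAD_ELF;   /* truncated table */
        if (rd(img + off, 4) == 0x6474e551 && !(rd(img + off + 4, 4) & 1)) flags |= HARD_NX_STACK;
    }
    for (size_t i = 0; i + sizeof sym <= len; i++)  /* heuristic: name plus its NUL */
        if (!memcmp(img + i, sym, sizeof sym)) { flags |= HARD_SSP; break; }
    return flags;
}

/* Constructed sample: ELF64 header, one PT_GNU_STACK entry, optional symbol name. */
const uint8_t *make_sample(int e_type, int stack_pflags, int with_ssp) {
    static uint8_t b[SAMPLE_LEN];
    memset(b, 0, sizeof b);
    memcpy(b, "\177ELF\2\1\1", 7);
    b[16] = (uint8_t)e_type; b[32] = 64; b[54] = 56; b[56] = 1;
    b[64] = 0x51; b[65] = 0xe5; b[66] = 0x74; b[67] = 0x64; /* p_type */
    b[68] = (uint8_t)stack_pflags;                  /* p_flags: R=4, W=2, X=1 */
    if (with_ssp) memcpy(b + 128, "__stack_chk_fail", 17);
    return b;
}

int main(int argc, char **argv) {                   /* no argument: use the sample */
    static uint8_t buf[1 << 24];                    /* only the first 16 MiB is read */
    FILE *f = argc > 1 ? fopen(argv[1], "rb") : NULL;
    size_t len = f ? fread(buf, 1, sizeof buf, f) : SAMPLE_LEN;
    int r = elf_hardening(f ? buf : make_sample(3, 6, 1), len);
    if (f) fclose(f);
    printf("PIE=%d NX-stack=%d SSP=%d invalid=%d\n", r & 1, (r >> 1) & 1, (r >> 2) & 1, r >> 7);
    return 0;
}
```

`ET_DYN` also describes shared libraries, and the symbol search misses stripped static binaries, so treat the result as a first-pass audit rather than proof.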



Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.
