 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
Here's a forward of a reaction to your posting I sent to an internal Mandrake list: > > I was just browsing through linux.com and found an > > article about libsafe. This is a library that Bell > > Labs just released (LGPL) to detect and stop buffer > > overflow attacks. > > > > If you put it on your LD_PRELOAD, its functions will be > > used in place of strcpy, strcat, getwd, gets, [vf] > > scanf, realpath, and [v]sprintf. > > > > Its behavior on detecting a buffer overflow is to kill > > the application and its process group (SIGKILL), and to > > log an error message to /var/log/security. > > > > Personally, I would prefer it to at least have the > > option to silently perform the function up to the point > > of the buffer overrun and return, rather than killing > > the process. This could lead to intrusion and log deletion. > > I don't sit on my box enough to justify > > the possibility of just outright killing sendmail. :( Eyh, don't be afraid, we just kill the children, not the parent. - Subcription/unsubscription/info requests: send e-mail with "subscribe", "unsubscribe", or "info" on the first line of the message body to discuss-request at blu.org (Subject line is ignored).
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
