[cgl_discussion] Buffer overflow
Stefano.Campadello at nokia.com
Stefano.Campadello at nokia.com
Tue Apr 22 05:09:23 PDT 2003
So, what is your opinion? Should we add a requirement for 3.0 or
it is still premature now?
Stefano
> -----Original Message-----
> From: ext Makan Pourzandi (LMC) [mailto:Makan.Pourzandi at ericsson.ca]
> Sent: 17 April, 2003 01:37
> To: 'Mika Kukkonen'; cgl_discussion at osdl.org
> Subject: RE: [cgl_discussion] Buffer overflow
>
>
> Hi,
>
> My first reaction is to wait and see. Even if open bsd has a
> very good reputation (I mean regarding security), we have to
> wait for 1st May.
>
> Second, open bsd has always been more on advance at security
> than linux. In best case, it will take some time before those
> modification get into linux kernel. hopefully, this will not
> generate too many flames ;-)
>
> last but not least, there are already linux kernel patches
> regarding buffer overflows, one of the ones I know of is
http://www.openwall.com/linux/README, which implements Non-executable user stack area. open wall is also implemented as a lsm module but at my knowledge not all functionality available by openwall is provided by the lsm module.
regards,
makan
> -----Original Message-----
> From: Mika Kukkonen [mailto:mikukkon at miku-t21-linox.koti.nokia.com]
> Sent: Wednesday, April 16, 2003 10:58 AM
> To: cgl_discussion at osdl.org
> Subject: [cgl_discussion] Buffer overflow
>
>
> An Anonymous Coward suggested to me that CGL should also
> include something like this:
> http://news.com.com/2100-1002-996584.html
>
> Now looking at the pace RedHat sends me up2date packages
> that fix buffer overflows, I tend to agree, but I do think
> this is one of those features that are _very_ hard to get
> accepted by Linus.
>
> Any opinions?
>
> --MiKu
>
> _______________________________________________
> cgl_discussion mailing list
> cgl_discussion at lists.osdl.org
> http://lists.osdl.org/mailman/listinfo/cgl_discussion
>
_______________________________________________
cgl_discussion mailing list
cgl_discussion at lists.osdl.org
http://lists.osdl.org/mailman/listinfo/cgl_discussion
More information about the cgl_discussion
mailing list