[cgl_discussion] Re: Buffer overflow

Greg KH greg at kroah.com
Wed Apr 23 17:23:55 PDT 2003


On Tue, 22 Apr 2003 17:56:43 -0400, Makan Pourzandi (LMC) wrote:
> 1. http://www.openwall.com/linux/README, also LSM open wall module

The openwall LSM patch does not prevent buffer overflows.  That's 
currently impossible to do with the LSM framework.

Also, see the lkml archives for why the openwall non-executable stack
patch will never be accepted into the main kernel tree (hint, it's 
just a work around, and doesn't solve the real problem.)

And there's things like the StackGuard or ProPolice gcc patches that
might be better to point people at.  However, that's not a kernel
patch/feature, so would not fall under the CGL spec :)

thanks,

greg k-h




More information about the cgl_discussion mailing list