|Richard Freeman on 19 Aug 2010 12:19:25 -0700|
On 08/19/2010 03:08 PM, JP Vossen wrote:
Finally using safer libraries, randomizing where things go in RAM, and using the NX bit where possible, which modern kernels may already do, would also eliminate many if not most buffer overflow problems. (Windows may be doing some of that now too.)
If you're running Gentoo there is also compile-time optimizations that can be built-in, like -fstack-protector (puts a canary on the stack to detect overflows).
I'd really like to see things like SELinux and POSIX capabilities take off. Right now it is just way to hard to use these on most distros. It would be really nice if they were just on by default, and that nothing got installed without putting in an appropriate rule.
Then, if somebody exploits your browser they don't get access to anything but the cache and settings files for the browser, and maybe write-only access to the downloads folder. If they exploit flash (and flash runs in a separate process), then all they get access to is any cache that flash implements and the little window the flash app has access to draw on.
Otherwise, simply not having access to root doesn't buy you much. Ok, so the exploit can't drop in a rootkit, but they can put anything they want in my bashrc or xsession, access or modify any of my personal info, log my keystrokes, and make arbitrary TCP/IP connections as long as they don't involve privileged ports. Of course, other users on my single-user desktop are safe. It is definitely a step up from Windows, but not as big a step as some think.
Rich ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug