[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: wish list
Milan Pikula - WWW wrote:
> On Mon, 7 Jun 1999, scooby sir wrote:
>
> W>Well,
> W> If i were to contribute suggestions for a secure distro of linux,
> W>it would be this:
> W> i) Ship it with the international linux patch installed
> W> www.kerneli.org
> W> ii) Install the non-executable stack patch
>
> this is not a real solution.. this is a joke. there are many ways, how to
> override this protection and this makes me to label it as
> 'security by obscurity'.
Nonsense. The non-executable stack patch (and StackGuard) prevent attacks against
specific classes of vulnerabilities. With the protections enabled, these
vulnerabilities CANNOT be exploited: you have to go find
DIFFERENT vulnerabilities. For that reason, they are not 'security by obscurity',
they are legitimate security enhancements. Bonus points: either one of them
alone can stop a MAJORITY of common security attacks, and together they stop even
more.
Crispin
-----
Crispin Cowan, Research Assistant Professor of Computer Science, OGI
NEW: Protect Your Linux Host with StackGuard'd Programs :FREE
http://www.cse.ogi.edu/DISC/projects/immunix/StackGuard/
Microsoft: Putting the "lame" in "layman"
-
Securedistros: A common list for all secured Linux distributions
Archive: http://humbolt.nl.linux.org/lists/