[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: wish list

To: securedistros@nl.linux.org
Subject: Re: wish list
From: Michael Cunningham <malice@exit109.com>
Date: Wed, 9 Jun 1999 09:13:11 -0400 (EDT)
In-Reply-To: <Pine.LNX.4.10.9906090952420.13394-100000@fornax.elf.stuba.sk>
Reply-To: securedistros@nl.linux.org
Sender: owner-securedistros@humbolt.nl.linux.org

> i\m sorry but i know what i am talking about. almost any exploit code CAN be
> rewritten to be usable with non-executable stack patch too. in fact, i've
> never seen a hole which is unusable with it.

Yes.. of course it is possible and in some cases easy to rewrite 
an exploit to get beyond this patch.. but it also makes it impossible
for script kiddies to use an exploit that hasnt been rewritten. Would
you rather that no patches were applied to the kernel? Hell lets just
let every exploit work.. If we can eliminate a tons of sploits and
a tons of scripts kiddies then I say go for it. Those crackers who
write code and know the kernel line by line arent going to be kept
out of the system unless you turn off all services totally. But people
like this are only 0.1% of the cracker community. If we can guard against
99.9% then I am happy..

Mike..
-- 
Some people have told me they don't think a fat penguin
really embodies the grace of Linux, which just tells me
they have never seen a angry penguin charging at them
in excess of 100mph. They'd be a lot more careful about
what they say if they had.
                                 -- Linus Torvalds 

-
Securedistros: A common list for all secured Linux distributions
Archive:       http://humbolt.nl.linux.org/lists/

References:
- Re: wish list
  - From: Milan Pikula - WWW <www@fornax.elf.stuba.sk>

Prev by Date: Re: SV: Secured vs. Security Distros and Wish Lists
Next by Date: Re: Be careful...
Prev by thread: Re: wish list
Next by thread: Re: wish list
Index(es):
- Date
- Thread