Re: executable stacks, a few suggetions
Fri, 18 Apr 1997 00:55:14 -0300 (GMT)


> If so, shouldn't the proper course of action be to rewrite the user input
> portion of the program so this was impossible? I see too may programs
> that use gets(buffer) with buffer[] being a few hundred bytes allocated
> on the stack. This is very bad coding. It's just luck that makes such
> programs work.

I guess I should state it clearly now. In my opinion, the programs should
definitely be fixed. But still, there will remain some buggy ones. Also,
there're programs that are spread as binaries only, and that are still
widely used. So, why not decrease the number of exploitable overflows in
these, by kernel means?

Anyway, to the kernel patch stuff -- I've finally modified signal handler
returns to use the GPF handler also, it works now. So no need to temporary
enable execution permission for the signal handler execution period. This
fixes the longjmp() problem also.

Solar Designer