At 10:43 PM 7/19/98 +0000, you wrote:
>Making the stack non executable doesn't stop buffer overflow attacks;
>see www.geek-girl.com/bugtraq/ for more information.
It should stop most of them. I could imagine a situation where one
subverted a program by changing its data (for example, one could
force commands into an interpreter by putting them into higher
However, the most common method seems to be to plant a bogus return
address that points to machine code that does the cracker's bidding.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message