Package: security.debian.org
Severity: wishlist

I just read an article that talked about several ways to reduce the chance of a hacker taking advantage of a system due to buffer overflow attacks. Besides using Java, of course.

They mentioned StackGuard, ProPolice, StackShield, and RAD (Return Address Defender) for the compiler and libsafe (already a Debian package in sid) for the OS. Some of these have been discussed on Debian lists already.

I have no idea how these tools might be incorporated into Debian, but I think it would be a Good Thing if every program were protected by them. It would make our systems safer, and would be great for Debian marketing.

The article is "Detection and Prevention of Stack Buffer Overflow Attacks" by Kuperman, Brodley, Ozdoganoglu, Vijaykumar, and Jalote, Communications of the ACM, November 2005, p. 51-56. A web page containing references can be found at:

https://engineering.purdue.edu/ResearchGroups/SmashGuard/BoF.html

-- System Information:
Debian Release: testing/unstable
APT prefers testing
APT policy: (600, 'testing'), (80, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.12-1-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) (ignored: LC_ALL set to en_US)

--
Bill Wohler <[EMAIL PROTECTED]> http://www.newt.com/wohler/ GnuPG ID:610BD9AD
Maintainer of comp.mail.mh FAQ and MH-E. Vote Libertarian!
If you're passed on the right, you're in the wrong lane.

