Could the vmsplice vulnerablility have been prevented?

Follow Slashdot stories on Twitter

Journal sowth's Journal: Could the vmsplice vulnerablility have been prevented?

Journal by sowth on Tuesday February 12, 2008 @02:17PM

I was just reading the Linux Kernel Mailing List, and I just saw an interesting message:

... that got me wondering why this attack wasn't stopped by the CONFIG_CC_STACKPROTECTOR option ... some analysis later.. it turns out that the following line in the top level Makefile, added by you in October 2007, entirely disables CONFIG_CC_STACKPROTECTOR ;( With this line removed the exploit will be nicely stopped. ...

-- From: Arjan van de Ven -- Subject: vmsplice exploits, stack protector and Makefiles

The message then shows a line with -fno-stack-protector. Apparently if you remove that flag, your 2.6.x kernel is safe from the exploit.

This discussion has been archived. No new comments can be posted.

Could the vmsplice vulnerablility have been prevented?

Load All Comments

Search 0 Comments Log In/Create an Account

Comments Filter:

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Suggest you just sit there and wait till life gets easier.

Journal sowth's Journal: Could the vmsplice vulnerablility have been prevented?

Could the vmsplice vulnerablility have been prevented? More Login

Could the vmsplice vulnerablility have been prevented?

Slashdot Top Deals

Slashdot