Trusted Debian

April 23, 2003 - Posted by André Restivo
href="http://www.trusteddebian.org/">The Trusted Debian
project: Finally someone decided to attack the Buffer Overflow
exploits by going directly to the root of the problem.
From href="http://developers.slashdot.org/article.pl?sid=03/04/21/1913251&mode=thread&tid=90&tid=172">
Slashdot :

It features PaX, a kernel patch which does several
things. It tries to keep code and data apart, it randomizes stack,
code, heap and shared libraries, it does strict mprotect() checking
and it also protects the kernel. Trusted Debian also uses the stack
protector patch for GCC developed by Hiroaki Etoh at IBM, which
adds overflow checks to C/C++ code. It also features FreeS/WAN and
RSBAC, an extensive access control framework.

And, also from Slashdot, href="http://developers.slashdot.org/comments.pl?sid=61483&cid=5775459">
an interesting comment:

Please note that Gentoo Linux also
comes with a propolice enabled GCC and a PaX-enabled kernel. It’s
up to you to use them or not.

Cool! But, how
does it work?

This entry was posted on Wednesday, April 23rd, 2003 at 4:03 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Post a Comment