On 7/30/07, Ng, Cheon-woei <cheon-woei.ng@xxxxxxxxx> wrote:
> Hello,
>
> This is the first time I post a question. If it is not the correct
> place to place the questions, can you please re-direct me to the correct
> place?
>
> It is my understanding that user space buffer overflow exploits (like
> SUID, return-to-libc, etc) are basically impossible under Feisty Fawn or
> Gutsy because of implementation of security measures like Address Space
> Layout Randomization, Stack Guard, and AppArmor (in Gutsy).
>
> Questions:
> 1. Is my assumption correct?
> 2. Are there any other security measures that I did not mention and I
> should know of?
> 3. Is there a link repository where I could find all details of the
> security features included in Feisty Fawn or Gutsy? For example, I am
> looking for a dedicated place in Ubuntu.com where I could find answers
> for questions like these:
> a. Is the Address Space Layout Randomization based on PaX?
> b. When was this security measure included in Ubuntu?
> c. How many bits are randomized?
> d. Is function table randomized?
> e. Is Stack Guard part of all applications included in Feisty
> Fawn?
>
> Thanks!
>
> Sincerely,
> Cheon-Woei Ng
I'm not in any way affiliated with Ubuntu, so I can't answer your
questions for sure, but AFAIK the only protections currently in place
along the lines of what you mentioned are using SSP by default. This
was implemented for Edgy. You can read more about it at this launchpad
page: https://blueprints.launchpad.net/ubuntu/+spec/gcc-ssp . I'm not
100% certain, but I don't think that PaX are related technologies are
compiled into the kernel. You can easily check exactly what is
compiled into your kernel though by grepping through
/boot/config-your-kernel-version.
--
Evan Klitzke <evan@xxxxxxxx>
|
