June 07, 2003

Stack Protection for FreeBSD

From what I understand, this is a patch to GCC that adds "stack protection". The stack is part of a computer program where data is stored, and a common hack is to "overflow" the stack and using the effects of that to insert your own remote program. This patch prevents GCC, the compiler normally used on FreeBSD from allowing that to happen. You patch GCC, and rebuild the world to add the protection into the kernel. I haven't tried this yet, but I'm intrigued nonetheless.

How to build FreeBSD with stack protection

An interesting little side note in the above web page - it has about as concise a set of instructions for rebuilding and installing the kernel that I've ever seen!

Rebuild and install everything:
cd /usr/src
mergemaster -p
make buildworld
make buildkernel
make installkernel
shutdown -r now, bringing the system back up in single-user mode
make installworld
mergemaster
reboot

del.icio.us | Digg it | Furl | Yahoo MyWeb | Create Social Bookmark Links


Posted by jdarnold at 07:11 AM | TrackBack
Comments

Post a comment

(Javascript required)

(Not published)

Comments: (you may use HTML tags for style)