Re: Re[4]: general protection: 4f00
If you consider fatal buffer overflows a bug, then i386 Linux is not
bug-free. AFAIK, one could say the same thing for Solaris x86, FreeBSD,
OpenBSD, SCO OpenDesktop/Unixware, BeOS and (needless to say) NT and OS/2.
However, an overflow that is fatal on one system is often not fatal on
another. Recently, a hacker used a (then) recently discovered overflow in
bind to methodically crash hundreds of Linux hosts in Israel.
Perhaps it's possible to implement a fatal-overflow-free system on an
i386, but AFA root processes are concerned Linux isn't one. It may take a
redefinition of UNIX to achieve this end.
If you ask me, Linux (and UNIX in general) should have a system call with
which root can give permissions for another user (and optionally -
process group) to open a socket on a port below 1024, in order to
eliminate those encumbrances. Is anybody with me on this?
----------------------------------------------------------------------
Shlomi Fish shlomif@vipe.technion.ac.il
Home Page: http://t2.technion.ac.il/~shlomif/
Home E-mail: shlomif@ibm.net
The American Lottery - All you need is a dollar and a dream. We will
take the dollar, but you can keep the dream.