
Date: Tue, 25 Apr 2000 12:00:41 +0200
From: Olaf Kirch <okir@caldera.de>
To: Crispin Cowan <crispin@wirex.com>
Subject: Re: libsafe

On Tue, Apr 25, 2000 at 02:47:50AM +0000, Crispin Cowan wrote:
> Perry Wagle (principal StackGuard developer, cc'd) was working on his
> analysis of libsafe (attached).  Perry's conclusions are similar to
> yours:

Add to that:

 *	libsafe will not work on machines that require some form
	of pointer alignment. On an architecture that requires
	pointers to be word aligned, an application that was compiled
	with -fomit-frame-pointer will possibly even crash when
	jumping into libsafe.

 *	Whether libsafe is effective or not greatly depends on the
	libc version you're compiling against. In glibc-2.1.2, 
	strcpy is an inline function that's implemented exclusively
	in assembler. This will never be intercepted by libsafe.

The last item is probably the most ironic. This libsafe thing seems
to create a bit of buzz among non-security Linux users, and then it
doesn't even protect you with the current glibc...

> The BRW method is a pseudo-compiler that can transform binaries into
> "safe" programs by transforming the binary.

Hm, could be interesting. But your description somehow reads like
a snake oil ad :-)

Olaf
-- 
Olaf Kirch         |  --- o --- Nous sommes du soleil we love when we play
okir@monad.swb.de  |    / | \   sol.dhoop.naytheet.ah kin.ir.samse.qurax
okir@caldera.de    +-------------------- Why Not?! -----------------------
         UNIX, n.: Spanish manufacturer of fire extinguishers.
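
Added example (not part of the original message, and not libsafe code): a shell check for the glibc point raised in the message. It assumes libsafe is loaded as a preloaded shared library, so it can only take over calls that the binary leaves as undefined dynamic symbols; the function names and the sample nm output are constructed for illustration.

```shell
#!/bin/sh
# Added example. Requires awk; report() also requires nm from binutils.

# has_dynamic_ref SYMBOL: read `nm -D` output on stdin and succeed only if
# SYMBOL is listed as an undefined dynamic symbol (type "U"). Such a call is
# resolved by the dynamic linker at run time, so a preloaded library can
# supply its own definition. An inlined strcpy leaves no such entry.
has_dynamic_ref() {
    awk -v sym="$1" '
        NF >= 2 {
            type = $(NF - 1)          # symbol type is the second-to-last field
            name = $NF                # symbol name is the last field
            sub(/@.*/, "", name)      # drop a version suffix such as @GLIBC_2.2.5
            if (type == "U" && name == sym) found = 1
        }
        END { exit (found ? 0 : 1) }'
}

# report FILE SYMBOL: apply the check to a real binary.
report() {
    if nm -D "$1" 2>/dev/null | has_dynamic_ref "$2"; then
        echo "$1: $2 is called through the dynamic linker; a preload can intercept it"
    else
        echo "$1: no dynamic reference to $2 (inlined, static or unused); a preload never sees it"
    fi
}

# Constructed nm -D output: binary that calls strcpy in libc.
sample_dynamic() {
    cat <<'EOF'
                 U __libc_start_main@GLIBC_2.2.5
                 U strcpy@GLIBC_2.2.5
0000000000001139 T main
EOF
}

# Constructed nm -D output: same program with the copy expanded inline.
sample_inlined() {
    cat <<'EOF'
                 U __libc_start_main@GLIBC_2.2.5
0000000000001139 T main
EOF
}

# Usage: sh check.sh /path/to/binary strcpy
if [ $# -eq 2 ]; then report "$1" "$2"; fi
```

A binary for which the check fails gets no protection for that function from any preload-based wrapper, whatever the wrapper itself does.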