![[LWN Logo]](/images/lwn.banner.gif)
Date: Tue, 25 Apr 2000 12:00:41 +0200
From: Olaf Kirch <okir@caldera.de>
To: Crispin Cowan <crispin@wirex.com>
Subject: Re: libsafe
On Tue, Apr 25, 2000 at 02:47:50AM +0000, Crispin Cowan wrote:
> Perry Wagle (principle StackGuard developer, cc'd) was working on his
> analysis of libsafe (attached). Perry's conclusions are similar to
> yours:
Add to that:
* libsafe will not work on machines that require some form
of pointer alignment. On an architecture that requires
pointers to be word aligned, an application that was compiled
with -fomit-frame-pointer will possibly even crash when
jumping into libsafe
* Whether libsafe is effective or not greatly depends on the
libc version you're compiling against. In glibc-2.1.2,
strcpy is an inline function that's implemented exclusively
in assembler. This will never be intercepted by libsafe.
The last item is probably the most ironic. This libsafe thing seems
to create a bit of buzz among non-security Linux users, and then it
doesn't even protect you with the current glibc...
> The BRW method is a pseudo-compiler that can transform binaries into
> "safe" programs by transforming the binary.
Hm, could be interesting. But your description somehow reads like
a snake oil ad :-)
Olaf
--
Olaf Kirch | --- o --- Nous sommes du soleil we love when we play
okir@monad.swb.de | / | \ sol.dhoop.naytheet.ah kin.ir.samse.qurax
okir@caldera.de +-------------------- Why Not?! -----------------------
UNIX, n.: Spanish manufacturer of fire extinguishers.