Linux Today: Linux News On Internet Time.

More on LinuxToday

Protect Linux Against Overflow Exploits

Aug 05, 2010, 12:36 (0 Talkback[s])
(Other stories by Jamie Adams)


Desktop-as-a-Service Designed for Any Cloud ? Nutanix Frame

[ Thanks to Jamie Adams for this link. ]

"An overflow is an anomaly where a program, while writing data to a memory buffer, overruns the buffer's boundary and overwrites adjacent memory—which could be maliciously exploited. While the onus is on software developers to perform proper bounds checking there are some things you can do on an operational system to help protect against code which has been overlooked during development.

"Most overflows are addressed during the development process because testing will often uncover erratic program behavior, memory access errors, incorrect results, and unexpected program terminations (crashes). Those which aren't identified and make it into production are often abused by attackers who manage to inject hostile code into this memory.

"Program Memory Basics

"Kernels are complicated and as such can be difficult to understand. For the purposes of this post, I will try to keep it simple but if any of my facts are incorrect please, add a comment so we all might learn. With that said, running programs establish two key areas in random access memory (RAM): stack and data segment."

Complete Story

Related Stories: