Re: http://www.smashguard.org

[Leon Harris <leon@xxxxxxxxx>]

Interesting paper.
Certain apps (notably java virtual machines) manipulate stack return 
addresses. I understood that one of the advantages of Immunix's product 
StackGuard was that you could still run these types of apps by 
statically linking them against a normal libc (and chrooting them or 
otherwise confining them). If the protection is mandatory, and in 
hardware, then surely these types of app wont work.

Cheers,
Leon

Hilmi Ozdoganoglu wrote:

>        SmashGuard is a hardware-based solution developed at Purdue
>University  to prevent Buffer-Overflow Attacks realized by overwriting the
>Function  Return Address (patent-pending).  The design of SmashGuard is a
>kernel patch that supports CPUs modified to support SmashGuard protection.
>
> For details please refer to the  TechReports at:
>
>    http://www.smashguard.org
>
>  In addition to details of SmashGuard, the site serves as a comprehensive
>resource for buffer overflow attacks/prevention/detection. On "the buffer
>overflow page" we provide links to research papers, known exploits, safer
>C languages, patents, audit tools and more.  If you can think of a site or
>resource that should be added please send email to our webmaster
>(cyprian@xxxxxxxxxx)
>
>-SmashGuard Group
>