HLFS 64bit again

goodoldmarty at gmail.com
Fri Dec 7 02:04:23 PST 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

>> > Do you own 64 bit applications that won't run on a 32 bit system?
> 
> I don't own any applications Marty, neither 32 nor 64 bit but there is
> some OSS software that can take advantage of 64bit.
> 
OSS is not very descriptive. Can you name 1 OSS package that is worth
all your trouble? Is this application and all its dependencies written
securely, with PIC and PIE enabled? Will it all compile with SSP?

As far as 64 bit being safe by obscurity... Don't be confused; every 32
bit vulnerability is also a 64 bit vulnerability when they attack the
Linux API. And the original 8 bit instructions will execute perfectly if
injected into the stack by a buffer overflow padded with NOOPs. This is
why using SSP, PIC, PIE, PAX, etc. is so important. You cannot neglect
network security and expect HLFS to protect you. You harden the system
to provide the last line of defense against really bad things.

Marty B.



- --
Putting Microsoft in a computer is like putting screen doors in a
submarine. Hopeless.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFHWRqnodd/GHZYnVQRAhunAJ42x+dxJaq1NBEb90ZQR+EkCkstqQCdHOYI
KzOdH+Q2kxdc28y/JB/hPjM=
=EueD
-----END PGP SIGNATURE-----
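
Added example, not part of the original message or of HLFS: one way to check what the message asks of a package (built as PIE, non-executable stack, SSP in use) by reading ELF headers directly, identically for 32-bit and 64-bit files. The names `audit_elf` and `build_sample` are hypothetical, the sample images are constructed, and the SSP test is a byte-search heuristic for the `__stack_chk_fail` symbol.

```python
import struct

PT_INTERP, PT_GNU_STACK, PF_X, ET_DYN = 3, 0x6474E551, 1, 3

def audit_elf(data: bytes) -> dict:
    """Report PIE, stack-permission and SSP indicators for one ELF image."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    is64 = data[4] == 2                      # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    end = "<" if data[5] == 1 else ">"       # EI_DATA: 1 = little-endian
    e_type = struct.unpack_from(end + "H", data, 16)[0]
    if is64:
        e_phoff = struct.unpack_from(end + "Q", data, 32)[0]
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 54)
    else:
        e_phoff = struct.unpack_from(end + "I", data, 28)[0]
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 42)
    has_interp, exec_stack = False, None     # None: no PT_GNU_STACK, kernel default applies
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        p_type = struct.unpack_from(end + "I", data, off)[0]
        # p_flags sits at offset 4 in an ELF64 program header, 24 in ELF32
        p_flags = struct.unpack_from(end + "I", data, off + (4 if is64 else 24))[0]
        if p_type == PT_INTERP:
            has_interp = True
        elif p_type == PT_GNU_STACK:
            exec_stack = bool(p_flags & PF_X)
    return {
        "bits": 64 if is64 else 32,
        "pie": e_type == ET_DYN and has_interp,        # ET_DYN + interpreter
        "shared_object": e_type == ET_DYN and not has_interp,
        "exec_stack": exec_stack,
        # Heuristic: SSP-built code that needs a canary references this symbol
        "ssp": b"__stack_chk_fail" in data,
    }

def build_sample(e_type: int, stack_flags: int, ssp: bool) -> bytes:
    """Constructed ELF64 headers for the demo; not a runnable binary."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    ehdr = struct.pack("<HHIQQQIHHHHHH", e_type, 62, 1, 0, 64, 0, 0, 64, 56, 2, 0, 0, 0)
    interp = struct.pack("<IIQQQQQQ", PT_INTERP, 4, 0, 0, 0, 0, 0, 1)
    stack = struct.pack("<IIQQQQQQ", PT_GNU_STACK, stack_flags, 0, 0, 0, 0, 0, 16)
    return ident + ehdr + interp + stack + (b"__stack_chk_fail\0" if ssp else b"")

if __name__ == "__main__":
    print("hardened:", audit_elf(build_sample(ET_DYN, 6, True)))   # PIE, RW stack, SSP
    print("legacy:  ", audit_elf(build_sample(2, 7, False)))       # ET_EXEC, RWX stack
```

A statically linked or stripped binary can use SSP without the symbol string being present, so a negative `ssp` result needs confirmation from the build flags.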



More information about the hlfs-dev mailing list