libsafe: Detection and protection against stack smashing attacks1
The libsafe library protects a process against the exploitation of buffer overflow vulnerabilities in process stacks. Libsafe works with any existing pre-compiled executable and can be used transparently, even on a system-wide basis. The method intercepts all calls to library functions that are known to be vulnerable. A substitute version of the corresponding function implements the original functionality, but in a manner that ensures that any buffer overflows are contained within the current stack frame. Libsafe has been shown to detect several known attacks and can potentially prevent yet unknown attacks. Experiments indicate that the performance overhead of libsafe is negligible.
... part of T2, get it here
URL: http://www.bell-labs.com/org/11356/libsafe.html
Author: Arash Baratloo, Timothy Tsai, and Navjot Singh
Maintainer: Rene Rebe <rene [at] t2-project [dot] org>
License: GPL
Status: Stable
Version: 2.0-16
Remark: Does cross compile (as setup and patched in T2).
Download: http://www.research.avayalabs.com/project/libsafe/src/ libsafe-2.0-16.tgz
T2 source: hotfix-destdir.patch
T2 source: libsafe.cache
T2 source: libsafe.desc
T2 source: no_exploits.patch
T2 source: uclibc.patch.uclibc
Build time (on reference hardware): 5% (relative to binutils)2
Installed size (on reference hardware): 0.04 MB, 7 files
Dependencies (build time detected): 00-dirtree binutils coreutils diffutils findutils gawk grep linux-header make patch sed sysfiles tar
Installed files (on reference hardware):
[show]
1) This page was automatically generated from the T2 package source. Corrections, such as dead links, URL changes or typos need to be performed directly on that source.
2) Compatible with Linux From Scratch's "Standard Build Unit" (SBU).