I don't know if Crispin Cowan watches the selinux list, but this is exactly the sort of thinking that inspired StackGuard. To paraphrase a recent comment of his, it seems that whenever you investigate a method of enhancing security using randomization, similar thinking will provide a protection mechanism which will perform even better than the randomization.
> -----Original Message-----
> From: Justin R. Smith [mailto:jsmith@mcs.drexel.edu]
> Sent: Tuesday, October 02, 2001 4:43 AM
> To: selinux@tycho.nsa.gov
> Subject: A notion
>
>
> It occurred to me that custom versions of software can be more secure
> than standard versions because various exploits (like stack smashing,
> etc.) require precise knowledge of certain sizes and distances in RAM
> (for instance, the distance from the end of a buffer to the return
> point...).
>
> Isn't it possible to develop a "randomizing C compiler" that randomly
> varies these distances every time it compiles a program? No two compiles
> of the same source code would be exactly the same (but they would
> execute the same way).
>
> This might involve inserting small random-sized blocks of dead code, or
> doing returns from subroutines through a level of indirection (i.e.,
> putting the actual return at some random location in the object code
> with a branch to it).
>
> Done right, this might not degrade performance significantly.
>
>
> --
> You have received this message because you are subscribed to
> the selinux list.
> If you no longer wish to subscribe, send mail to
> majordomo@tycho.nsa.gov with
> the words "unsubscribe selinux" without quotes as the message.
>
Received on Mon 1 Oct 2001 - 20:05:52 EDT
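An added illustration, not part of the original thread and not code from either poster: a Python model comparing the two ideas discussed above, per-build random padding between a buffer and the saved return slot, and a StackGuard-style canary word that is checked before the return slot is used. The frame sizes, the set of paddings, the byte patterns and the canary value are all constructed assumptions.

```python
from collections import Counter

BUF, WORD = 16, 8                            # constructed sizes, in bytes
OLD_RET, NEW_RET = b"\x11" * WORD, b"\x22" * WORD
CANARY = bytes.fromhex("000aff0d5ec2e7b1")   # constructed; a real one is chosen at run time

def build_frame(pad, canary):
    """Lay out buffer | pad | [canary] | saved return slot; return frame and offsets."""
    frame = bytearray(BUF + pad)
    canary_off = None
    if canary is not None:
        canary_off = len(frame)
        frame += canary
    ret_off = len(frame)
    frame += OLD_RET
    return frame, canary_off, ret_off

def outcome(pad, assumed_pad, canary=None):
    """Model one unchecked contiguous copy built for assumed_pad, applied to actual pad."""
    frame, canary_off, ret_off = build_frame(pad, canary)
    skip = BUF + assumed_pad + (WORD if canary is not None else 0)
    data = b"A" * skip + NEW_RET
    n = min(len(data), len(frame))           # the model stops at the end of the frame
    frame[:n] = data[:n]
    # StackGuard-style check: compare the canary before the return slot is used.
    if canary is not None and bytes(frame[canary_off:canary_off + WORD]) != canary:
        return "detected"
    ret = bytes(frame[ret_off:ret_off + WORD])
    if ret == OLD_RET:
        return "intact"
    return "redirected" if ret == NEW_RET else "corrupted"

def tally(pads, assumed_pad, canary=None):
    """Count outcomes over every possible per-build padding."""
    return Counter(outcome(p, assumed_pad, canary) for p in pads)

PADS = range(0, 64, 8)                       # eight possible per-build paddings

if __name__ == "__main__":
    print("padding only    :", dict(tally(PADS, 24)))
    print("padding + canary:", dict(tally(PADS, 24, CANARY)))
```

In this model, padding alone still leaves one build in eight whose layout matches the assumed one, while the canary check flags every write that reaches the return slot, whatever the padding.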
This archive was generated by hypermail 2.2.0 on Wed 11 Jun 2008 - 08:10:26 EDT