http://www.research.avayalabs.com/project/libsafe/ Has anyone tried libsafe? According to the documentation libsafe is a wrapper for potentially unsafe library calls that offers buffer overflow protection transparently for the entire system without the need to re-compile anything. They claim that performance difference is negligible, and there shouldn't be adverse behaviors. (from the README) The following unsafe functions are currently monitored by libsafe: strcpy(char *dest, const char *src) May overflow the dest buffer. strcat(char *dest, const char *src) May overflow the dest buffer. getwd(char *buf) May overflow the buf buffer. gets(char *s) May overflow the s buffer. [vf]scanf(const char *format, ...) May overflow its arguments. realpath(char *path, char resolved_path[]) May overflow the path buffer. [v]sprintf(char *str, const char *format, ...) May overflow the str buffer. I'm testing it now on several of my Red Hat 7.3 servers and things appear to be going well. The binary RPM conveniently edits /etc/ld.so.preload when you install it, and removes itself when you un-install the package. Unfortunately the .src.rpm fails to build on Red Hat 8.0 with a broken pipe at the very end of the build process. Anyone know why this is occurring? Anyway, this seems like a very neat and convenient tool, but I want to know what people think about this. Is it really safe? Will this break anything? Would prelink be affected? What will this NOT protect me from? Thanks, Warren Togami warren@togami.com
