This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.



Worm and virus free code.


I had an idea for helping prevent worms from spreading even if there were vulnerabilities.

Is there a way that gcc and ld could randomize locations of functions, code, and data at compile, link, or even load times?

During the debugging phase, this would be turned off, but during production, you may turn this feature on so that function and data references are randomized in memory at link time.

Even if a stack overflow vulnerability did exist, the functions and/or data it would attempt to access wouldn't be where they are supposed to be.

It may take a little overhead at link time, and if memory image randomization were practical, it may take a little time at program start and shared library mapping, but it could make gcc programs immune to worms and viruses that spread via stack overflow or other vulnerabilities.
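
Load-time randomization of the kind asked about above requires an image the loader is allowed to move: a fixed-address ET_EXEC executable cannot be relocated, while an ET_DYN image (a shared library or a `gcc -fPIE -pie` executable) can. The following is an added example, not part of the original message or of GCC, that classifies a binary by its ELF header; the function and enum names are illustrative.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Result of inspecting an ELF header for load-address policy. */
enum load_policy { NOT_ELF = 0, FIXED_ADDRESS, RELOCATABLE_AT_LOAD, OTHER_ELF };

/* Classify an ELF image from its first bytes (needs at least 18).
 * ET_EXEC (2) is linked at a fixed address, so the loader cannot move it.
 * ET_DYN (3) covers shared libraries and position-independent
 * executables (gcc -fPIE -pie); the loader may place these anywhere. */
enum load_policy classify_elf(const unsigned char *buf, size_t len)
{
    static const unsigned char magic[4] = { 0x7f, 'E', 'L', 'F' };
    uint16_t e_type;

    if (len < 18 || memcmp(buf, magic, 4) != 0)
        return NOT_ELF;
    /* e_ident[5] (EI_DATA): 1 = little-endian, 2 = big-endian.
     * e_type sits at offset 16 in both ELF32 and ELF64 headers. */
    if (buf[5] == 1)
        e_type = (uint16_t)(buf[16] | (buf[17] << 8));
    else if (buf[5] == 2)
        e_type = (uint16_t)((buf[16] << 8) | buf[17]);
    else
        return NOT_ELF;
    if (e_type == 2) return FIXED_ADDRESS;
    if (e_type == 3) return RELOCATABLE_AT_LOAD;
    return OTHER_ELF;   /* e.g. ET_REL object files, core dumps */
}

/* Read the header of a file on disk and classify it. */
enum load_policy classify_file(const char *path)
{
    unsigned char hdr[18];
    size_t n;
    FILE *f = fopen(path, "rb");
    if (!f) return NOT_ELF;
    n = fread(hdr, 1, sizeof hdr, f);
    fclose(f);
    return classify_elf(hdr, n);
}

int main(int argc, char **argv)
{
    static const char *names[] = { "not ELF", "fixed address (ET_EXEC)",
        "relocatable at load (ET_DYN)", "other ELF type" };
    for (int i = 1; i < argc; i++)
        printf("%s: %s\n", argv[i], names[classify_file(argv[i])]);
    return 0;
}
```

Run it with one or more file paths as arguments; an ET_DYN result only means the image can be relocated, and whether it actually is depends on the operating system's loader settings.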


