Proposal: Optional libsafe add-on?
seth vidal
skvidal at phy.duke.edu
Wed Jan 21 13:50:15 UTC 2004
On Wed, 2004-01-21 at 07:00, Warren Togami wrote:
> Proposal: Optional libsafe add-on?
>
> I personally have been using libsafe on all of my RH7.x, RH8 and RH9
> servers with apparently no ill effects in these past years [1]. libsafe
> intercepts many of the potentially dangerous glibc calls like string
> operations, and replaces it with functionally equivalent functions. If
> it detects an overflow or format string exception, the process group is
> sent SIGKILL and a /var/log/secure entry is generated. The following
> list of functions is from the libsafe manpage.
Modifying the world as an 'option' for legacy updates seems like a bad
idea, a confusing idea for users, and generally a waste of time. If I've
got older machines I want them to be left alone and just have security
patches applied. I don't want to be putting brand new things on there.
-sv
More information about the fedora-legacy-list
mailing list