Re: Wanna Buy My Alpha?

[Alex Pilosov <apilos01 utopia poly edu>]

I was of impression that on alpha by default stack is non-executable (at
least under Digital Unix). Is that correct? Is it correct about
linux/alpha too?

-alex

On Wed, 20 Jan 1999, J C Lawrence wrote:

> On Wed, 20 Jan 1999 16:23:21 +1100 
> Huw Davies<H.Davies@latrobe.edu.au> wrote:
> 
> > Anyone who believes security through obscurity is a workable
> > policy needs to think again. With the modern Internet information
> > is there for the taking (whether it be ways of breaking into
> > systems, material considered pornographic in the country of
> > viewing, bomb making recipes etc).
> 
> FWVLIW I used to make my living doing security work (Sun, PBMK,
> etc).
> 
> Security thru obscurity is a very short sighted policy that has
> rather well known weaknesses, and yes, it is dangerous to rely on.
> However, I and many others, are not currently in a position (I've
> moved away from security work) to actively stay on top of the
> security game.  I just don't have the time to aggressively monitor
> and upgrade my systems as tightly as I used to.
> 
> The result?  We can relax a little in the shadow that security thru
> obscurity brings, realising that it doesn't represent true security, 
> but does offer a modicum of *effective* protection thru the simple
> fact that we can catch obvious x86/etc crack attacks and *then* use
> that as a flag to look for a hole to close.
> 
> As with all such, its a compromise, and you make sure you keep
> really good backups ITMT.
> 
> -- 
> J C Lawrence                              Internet: claw@kanga.nu
> (Contractor)                             Internet: coder@kanga.nu
> ---------(*)                    Internet: claw@under.engr.sgi.com
> ...Honorary Member of Clan McFud -- Teamer's Avenging Monolith...
> 
> -- 
> To unsubscribe: send e-mail to axp-list-request@redhat.com with
> 'unsubscribe' as the subject.  Do not send it to axp-list@redhat.com
>