cvs commit: hints propolice.txt

tushar at linuxfromscratch.org tushar at linuxfromscratch.org
Sat Oct 18 09:00:30 PDT 2003


tushar      03/10/18 10:00:30

  Added:       .        propolice.txt
  Log:
  Added Hint: propolice
  
  Revision  Changes    Path
  1.1                  hints/propolice.txt
  
  Index: propolice.txt
  ===================================================================
  AUTHOR:	Robert Connolly <cendres at videotron dot ca> (ashes)
  
  DATE:	2003-10-18
  
  LICENSE:	Public Domain
  
  SYNOPSIS:	Building an LFS with ProPolice enabled.
  
  DESCRIPTION:
  Integrate a patch into the bootstrap stage to protect the new system from
  buffer overflows.
  
  PREREQUISITES:
  This hint requires that you have sufficient knowledge of LinuxFromScratch.
  This hint is available for GCC versions 2.95.3 and 3.3.
  
  HINT:
  
  Introduction
  =============
  
  ProPolice is a GCC extension for protecting applications from stack smashing
  attacks. ProPolice stack guard has been used against xlockmore-3.10,
  Perl-5.003, elm-2.003, and SuperProbe-2.11 which all have known root exploits.
  Testing showed that when these programs were exploited the stack guard
  terminated them with a message that a stack smashing attack had been detected.
  This guard protects against bugs and attacks not yet conceived. It has been
  shown to be robust, practical to use, and to perform well. ProPolice has been
  integrated into OpenBSD, and should be added to Gentoo Linux in the near
  future, among others. The official website for ProPolice can be found in the
  acknowledgments at the end of this document.
  
  Installation
  =============
  
  It is recommended that this hint be used as part of an LFS installation between
  chapters four and five. You will need all the packages and the LFS partition
  and /tools setup in advance. In this example source packages are put in
  $LFS/tools/usr/src. This is not strictly important, but it is important you
  are able to keep track of your ProPolice patched GCC tar ball during the
  normal installation of LFS, and use the patch on any future installations of
  GCC.
  
  Procedure
  =========
  
  # For GCC-3.3
  
  mkdir -p $LFS/tools/usr/src/patches/propolice/3.3
  cd $LFS/tools/usr/src/patches/propolice/3.3
  wget http://www.research.ibm.com/trl/projects/security/ssp/gcc3_3/protector-3.3-4.tar.gz
  wget http://www.research.ibm.com/trl/projects/security/ssp/gcc3_3/protector-3.3-4.tar.gz.md5
  md5sum -c protector-3.3-4.tar.gz.md5
  
  # You should get "protector-3.3-4.tar.gz: OK"
  
  tar zxf protector-3.3-4.tar.gz
  
  cd $LFS/tools/usr/src
  md5sum gcc-core-3.3.1.tar.bz2
  
  # Should give us "8c113f495402c5ab8bf35133268de561  gcc-core-3.3.1.tar.bz2"
  
  rm -rf gcc-{3.3.1,build}
  tar jxf gcc-core-3.3.1.tar.bz2
  cd gcc-3.3.1/gcc
  patch -p 1 < $LFS/tools/usr/src/patches/propolice/3.3/protector.dif
  cp $LFS/tools/usr/src/patches/propolice/3.3/protector.c .
  cp $LFS/tools/usr/src/patches/propolice/3.3/protector.h .
  
  # This next step enables propolice by default with anything this gcc will
  # build. The flag '-fstack-protector' explicitly enables propolice if you do
  # not use this next patch, and it can be added to CFLAGS and CXXFLAGS.
  # '-fno-stack-protector' explicitly disables the stack protection if for any
  # reason you want to.
  # Note: It is recommended all your software be built with this protection. It
  # should work on a wide variety of software, including xfree86.
  
  patch -p 1 < $LFS/tools/usr/src/patches/propolice/3.3/protectonly.dif
  
  # Hint: edit  $LFS/tools/usr/src/gcc-3.3.1/gcc/version.c to reflect that you
  # have patched it with propolice.
  
  cd $LFS/tools/usr/src/
  mv gcc-core-3.3.1.tar.bz2 gcc-core-3.3.1.tar.bz2.orig
  tar jcf gcc-core-propolice-3.3.1.tar.bz2 gcc-3.3.1/
  ln -s gcc-core-propolice-3.3.1.tar.bz2 gcc-core-3.3.1.tar.bz2
  
  # For GCC 2.95.3
  
  mkdir -p $LFS/tools/usr/src/patches/propolice/2.95.3
  cd $LFS/tools/usr/src/patches/propolice/2.95.3
  wget http://www.research.ibm.com/trl/projects/security/ssp/gcc2_95_3/protector-2.95.3-23.tar.gz
  wget http://www.research.ibm.com/trl/projects/security/ssp/gcc2_95_3/protector-2.95.3-23.tar.gz.md5
  md5sum -c protector-2.95.3-23.tar.gz.md5
  
  # You should get "protector-2.95.3-23.tar.gz: OK"
  
  tar zxf protector-2.95.3-23.tar.gz
  cd $LFS/tools/usr/src
  md5sum gcc-2.95.3.tar.bz2
  
  # Should give you "87ee083a830683e2aaa57463940a0c3c  gcc-2.95.3.tar.bz2"
  
  rm -rf gcc-{2.95.3,build}
  tar jxf gcc-2.95.3.tar.bz2
  cd gcc-2.95.3/gcc
  patch -p 1 < $LFS/tools/usr/src/patches/propolice/2.95.3/protector.dif
  cp $LFS/tools/usr/src/patches/propolice/2.95.3/protector.c .
  cp $LFS/tools/usr/src/patches/propolice/2.95.3/protector.h .
  
  # This next step enables propolice by default with anything this gcc will
  # build. The flag -fstack-protector explicitly enables propolice if you do
  # not use this next patch, and it can be added to CFLAGS and CXXFLAGS.
  # -fno-stack-protector explicitly disables the stack protection if for any
  # reason you want to.
  # Note: It is recommended all your software be built with this protection.
  # It should work on a wide variety of software, including xfree86.
  
  patch -p 1 < $LFS/tools/usr/src/patches/propolice/2.95.3/protectonly.dif
  
  # Hint: edit  $LFS/tools/usr/src/gcc-2.95.3/gcc/version.c to reflect that
  # you have patched it with propolice.
  
  cd $LFS/tools/usr/src/
  mv gcc-2.95.3.tar.bz2 gcc-2.95.3.tar.bz2.orig
  tar jcf gcc-core-propolice-2.95.3.tar.bz2 gcc-2.95.3/
  ln -s gcc-core-propolice-2.95.3.tar.bz2 gcc-2.95.3.tar.bz2
  
  # With that all done, we have applied the patches and it should work
  # transparently from here on. `make bootstrap` and `make` will utilize
  # the patches. The patches included in the LFS book can also be used on
  # top.
  # When it is installed you can confirm the binaries are protected. `objdump
  # -d /path/to/binary | grep stack_smash` is one way or `gcc -S hello.c &&
  # cat hello.s | grep stack_smash` is another.
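
The per-binary check above, extended to a whole directory tree. This is an added example, not part of the original hint or of ProPolice; the function names are hypothetical, and it assumes the handler name appears as a plain string in the file (`__stack_smash_handler` is what `grep stack_smash` matches, `__stack_chk_fail` is the name used by later GCC releases).

```shell
#!/bin/sh
# Added example: list ELF files under a directory that carry no reference
# to a stack-guard handler, so unprotected builds can be found and rebuilt.

# Handler names to look for (second name is an assumption for newer GCC).
GUARD_SYMS='__stack_smash_handler|__stack_chk_fail'

# is_elf FILE: true if FILE starts with the ELF magic bytes 7f 45 4c 46.
is_elf() {
    [ "$(head -c 4 "$1" 2>/dev/null | od -An -tx1 | tr -d ' \n')" = "7f454c46" ]
}

# has_guard FILE: true if a guard handler name occurs anywhere in FILE.
# Symbol names are stored as plain strings in the symbol string tables,
# so a byte-level search finds them without needing objdump.
has_guard() {
    LC_ALL=C grep -a -q -E "$GUARD_SYMS" "$1"
}

# audit_dir DIR: print the path of every ELF file under DIR in which no
# guard handler name was found. Non-ELF files (scripts, data) are skipped.
audit_dir() {
    find "$1" -type f | sort | while IFS= read -r f; do
        is_elf "$f" || continue
        has_guard "$f" || printf '%s\n' "$f"
    done
}

# Stand-alone use: sh audit.sh /tools/bin
if [ "$#" -gt 0 ]; then
    audit_dir "$1"
fi
```

A listed path means only that no handler name was found; a binary stripped of its symbol table can be listed even though it was built with the guard.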
  
  Feedback
  ========
  cendres at videotron dot ca
  
  ACKNOWLEDGMENTS:
  
  Thanks to GNU for providing GCC at http://www.gnu.org/
  
  Thanks to Hiroaki Etoh for providing the patch to IBM - etoh at jp.ibm.com
  
  Thanks to IBM for providing the patch at
  http://www.research.ibm.com/trl/projects/security/ssp/
  
  IBM is a registered trademark of the IBM Corporation found at
  http://www.ibm.com
  
  CHANGELOG:
  [2003-10-18]
  * Debut release
  * Reformat
  
  
  


