Published on Sep 20, 2019
In order to better understand stack smashing vulnerabilities, it is first nec-essary to understand certain features of filesystem permissions in the Linux operating system. Privileges in the Linux operating system are invested solely in the user root, sometimes called the superuser, root's infallibility is ex-pected under every condition including program execution. The superuser is the main security weakness in the Linux operating system. Because the superuser can do anything, after a person gains superuser privileges for ex-ample, by learning the root password and logging in as root that person can do virtually anything to the system.
This explains why most attackers who break into Linux systems try to become superusers. Each program (process) started by the root user inherits the root user's allinclusive privilege. In most cases the inherited privilege is subsequently passed to other programs spawned by root's running processes. Set UID (SUID) permissions in the Linux operating system grant a user privilege to run programs or shell scripts as another user.Linux operating system, the process in memory that handles the program execution is usually owned by the user who executed the program. Using a unique permission bit to indicate SUID, the filesystem indicates to the op-erating system that the program will run under the file owner's ID rather than the user's ID who executed the program.
Often times SUID programs are owned by root; while these programs may be executable by an under-privileged user on the system, they run in memory with unrestricted access to the system. As one can see, SUID root permissions are used to grant an unprivileged user temporary, and necessary, use of privileged resources. Many Linux programs need to run with superuser privileges. These pro-grams are run as SUID root programs, when the system boots, or as network servers. A single bug in any of these complicated programs can compromise the safety of your entire system. This characteristic is probably a design flaw, but it is basic to the design of Linux, and it not likely to change. Exploitation of this "feature turned design flaw" is critical in constructing buffer overflow exploits.
THE ATTACK :- A (malicious) user finds the vulnerability in a highly privileged program and someone else implements a patch to that particular attack, on that privileged program. Fixes to buffer overflow attacks attempt to solve the problem at the source (the vulnerable program) instead of at the destination (the stack that is being overflowed).
StackGuard :- It is a simple compiler extension that limits the amount of damage that a buffer overflow attack can inflict on a program. The paper discusses the various intricacies to the problem and the implementation details of the Compiler extension 'Stack Guard '.
Stack Smashing Attack :- Buffer overflow attacks exploit a lack of bounds checking on the size of input being stored in a buffer array. The most common data structure to corrupt in this fashion is the stack, called a ``stack smashing attack'' .
StackGuard For Network Access :- The paper also discusses the impacts on network access to the 'Buffer Overflow Attack'.
StackGuard prevents changes to active return addresses by either :-
1. Detecting the change of the return address before the function returns, or
2. Completely preventing the write to the return address. MemGuard is a tool developed to help debug optimistic specializations by locating code statements that change quasi-invariant values.