System Environment/Libraries

libsafe - Libsafe: Protecting Critical Elements of Stacks

The libsafe library protects a process against the exploitation of buffer
overflow vulnerabilities in process stacks. Libsafe works with any
existing pre-compiled executable and can be used transparently, even on a
system-wide basis. The method intercepts all calls to library functions
that are known to be vulnerable. A substitute version of the corresponding
function implements the original functionality, but in a manner that
ensures that any buffer overflows are contained within the current stack
frame. Libsafe has been shown to detect several known attacks and can
potentially prevent yet unknown attacks. Experiments indicate that the
performance overhead of libsafe is negligible.

If libsafe is compiled on a system with libprelude installed, libsafe will
additionally emit a stack overflow alert to the Prelude Manager.  For more
information about the Prelude Hybrid IDS, please see http://www.prelude-ids.org
(Fedora libsafe is not compiled with libprelude.  Talk to fedora-devel if you
really want this to become default.)

Be aware that any RPMS built while libsafe is installed will require libsafe
in order to install because of RPM's autodeps. You are encouraged to use a
chroot for RPM builds rather than a libsafe protected system.
License:LGPL Group:System Environment/Libraries
URL:http://www.research.avayalabs.com/project/libsafe/index.html

Packages

Name Version Release Type Size Built
libsafe 2.0 16.fdr.1.rh80 src 355 KiB Fri Dec 10 22:37:37 2004

Changelog

* Mon Apr 14 18:00:00 2003 Warren Togami <warren{%}togami{*}com> 2.0-16.fdr.1
- Initial Fedora release, converted from 2.0-16 upstream

Listing created by RepoView-0.5.2-1.fc6 (modified)