Subject: Re: CVS commit: src/usr.sbin
To: Jason Thorpe <thorpej@wasabisystems.com>
From: Perry E. Metzger <perry@piermont.com>
List: source-changes
Date: 04/22/2004 10:40:25
Jason Thorpe <thorpej@wasabisystems.com> writes:
> On Apr 21, 2004, at 6:41 PM, Jun-ichiro itojun Hagino wrote:
>> Module Name: src
>> Committed By: itojun
>> Date: Thu Apr 22 01:41:22 UTC 2004
>>
>> Modified Files:
>> src/usr.sbin/traceroute: traceroute.c
>> src/usr.sbin/traceroute6: traceroute6.c
>>
>> Log Message:
>> do not disclose endian/pid. henning@openbsd
>
> Uh, ok, I think "do not disclose endian" is just a little over the top
> ... what possible value does this (and the ping) change have?
It makes it harder for bad guys to identify your host
architecture. The bad guys follow up that identification with
customized code in the buffer overflow they hit you with
afterwards. If they don't know that you're running on, say, a sparc,
they can't figure out that they should put sparc opcodes into the
buffer overflow.
It isn't of tremendous importance to plug this information for
outgoing tools since it is hard to exploit them, but then again there
isn't any reason to leak out that sort of information, so I don't see
any reason to oppose what he did in this instance.
--
Perry E. Metzger perry@piermont.com