3.2 Enable Stack Protection - set noexec_user_stack = 1

Information

Buffer overflow exploits have been the basis for many highly publicized compromises and defacements of large numbers of Internet connected systems. Many of the automated tools in use by system attackers exploit well-known buffer overflow problems in vendor-supplied and third party software.

Enabling stack protection prevents certain classes of buffer overflow attacks and is a significant security enhancement. However, this does not protect against buffer overflow attacks that do not execute code on the stack (such as return-to-libc exploits). While most of the Solaris OS is already configured to employ a non-executable stack, this setting is still recommended to provide a more comprehensive solution for both Solaris and other software that may be installed.

Solution

To enable stack protection and block stack-smashing attacks, run the following to edit the /etc/system file:
# if [ ! "`grep noexec_user_stack= /etc/system`" ]; then
cat <<END_CFG >>/etc/system
set noexec_user_stack=1 set noexec_user_stack_log=1
END_CFG
fi

See Also

https://workbench.cisecurity.org/files/611

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-16

Plugin: Unix

Control ID: 13739bd2982ed3e5540733230f13065dd909d59b24c99d0d383c4e3b3fab5a1b