From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.4
X-Google-Thread: 103376,af0c6ea85f3ed92d
X-Google-NewGroupId: yes
X-Google-Attributes: gida07f3367d7,domainid0,public,usenet
X-Google-Language: ENGLISH,ASCII
Received: by 10.68.135.231 with SMTP id pv7mr15597955pbb.8.1329771182730;
        Mon, 20 Feb 2012 12:53:02 -0800 (PST)
Path: 
 wr5ni48723pbc.0!nntp.google.com!news2.google.com!goblin1!goblin3!goblin.stu.neva.ru!newsfeed2.funet.fi!newsfeed3.funet.fi!newsfeeds.funet.fi!fi.sn.net!newsfeed2.tdcnet.fi!news.song.fi!not-for-mail
Date: Mon, 20 Feb 2012 22:52:29 +0200
From: Tero Koskinen <tero.koskinen@iki.fi>
Newsgroups: comp.lang.ada
Subject: Re: Arbitrary Sandbox
Message-Id: <20120220225229.751627babef4d8363a752152@iki.fi>
References: <bfeb9869-9323-4ad5-bdf8-af20593734ef@q8g2000pbb.googlegroups.com>
	<2aaee0a4-e820-4a75-bbaf-d9d09c366d2c@f5g2000yqm.googlegroups.com>
	<4da4bf75-e6c9-4c17-9072-ab6f533ed93f@vd8g2000pbc.googlegroups.com>
	<jh7739$9os$1@munin.nbi.dk>
	<203d63cf-42a9-49ef-82cd-943d77b5e438@c21g2000yqi.googlegroups.com>
	<jhh6qr$9av$1@munin.nbi.dk>
	<e10bf38c-3c48-4fa4-bb0a-e61211aee90d@f30g2000yqh.googlegroups.com>
X-Newsreader: Sylpheed 3.2.0beta5 (GTK+ 2.24.8; x86_64-redhat-linux-gnu)
Mime-Version: 1.0
Organization: NBL Networks Oy
NNTP-Posting-Host: 217.30.184.161
X-Trace: 1329771149 news.nbl.fi 3099 217.30.184.161:34305
X-Complaints-To: abuse@nblnetworks.fi
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Date: 2012-02-20T22:52:29+02:00
List-Id: <comp.lang.ada>

On Fri, 17 Feb 2012 20:47:36 -0800 (PST)
Shark8 <onewingedshark@gmail.com> wrote:

> On Feb 15, 3:07=A0pm, "Randy Brukardt" <ra...@rrsoftware.com> wrote:
> > "Shark8" <onewingedsh...@gmail.com> wrote in message
> >
> > news:203d63cf-42a9-49ef-82cd-943d77b5e438@c21g2000yqi.googlegroups.com.=
..
> > On Feb 11, 8:10 pm, "Randy Brukardt" <ra...@rrsoftware.com> wrote:
> >
> > >> Windows and Unix-based systems do not have a properly designed (nati=
ve)
> > >> runtime environment -- stuff we did to make Janus/Ada more secure on=
 DOS
> > >> extenders in the 1980s never made it to OS environments).
> >
> > The vast majority of programs do not have self-modifying code, and it
> > shouldn't be possible for them to run such code in any way. If that's t=
he
> > case, most code-injection attacks cannot happen.
> >
> > We used the native segmentation of the Intel hardware to completely sep=
arate
> > code and data in Janus/Ada programs. It was impossible to accidentally
> > execute data simply because the data wasn't even in the same address sp=
ace.
> >
> > =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0=
 =A0 =A0 =A0 =A0 =A0 =A0 Randy.
>=20
> You know; I always wondered why they (developers, and OS designers)
> didn't take advantage of segments. It seems to be a very nice way to
> enforce security. (As you said, going all the way to the 286.)

OpenBSD uses somewhat similar tactic on i386 for its W^X
(write-or-execute) feature:  https://en.wikipedia.org/wiki/W%5EX

You can set the execute or write flags using mprotect system call, so
Just-In-Time compilers and other programs with fancy memory usage work
more of less out of the box.

Theo de Raadt's presentation from 2005 has some implementation info
and also descriptions of other security features of OpenBSD:
http://www.openbsd.org/papers/ven05-deraadt/index.html

--=20
Tero Koskinen - http://iki.fi/tero.koskinen/