From: Robert A Duff <bobduff@shell01.TheWorld.com>
Subject: Re: Partial Hardware Protection for Buffer Overrun Exploits
Date: 17 Apr 2003 17:29:08 -0400
Date: 2003-04-17T17:29:08-04:00 [thread overview]
Message-ID: <wcck7dsg6e3.fsf@shell01.TheWorld.com> (raw)
In-Reply-To: b7k3su$1q9au$1@ID-175126.news.dfncis.de
Vinzent Hoefler <ada.rocks@jlfencey.com> writes:
> There is already an easier solution (at least for x86-CPU's): Don't
> use a purely flat model, with this I mean, you shouldn't use the same
> address space for both data/stack and code. This could already be
> accomplished with the standard protection/paging features of the x86.
Well, on any machine that has an "executable" protection bit on each
page, you (the OS) can simply make sure all executable memory is
read-only. No need for the x86 segmentation junk. But as you and
others say, that disallows all kinds of useful stuff like trampolines
and self-modifying code (JIT compilers and the like).
> >There has to be a better solution to the current crop of
> >buffer exploits, that are being used daily.
>
> Yes. What about using Ada? ;-)
Amen.
- Bob
next prev parent reply other threads:[~2003-04-17 21:29 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-04-16 16:54 Partial Hardware Protection for Buffer Overrun Exploits Warren W. Gay VE3WWG
2003-04-16 17:28 ` Vinzent Hoefler
2003-04-17 16:33 ` Warren W. Gay VE3WWG
2003-04-17 21:29 ` Robert A Duff [this message]
2003-04-16 19:13 ` Brian Catlin
2003-04-17 15:00 ` Bob French
2003-04-17 16:14 ` Warren W. Gay VE3WWG
2003-04-17 23:22 ` Randy Brukardt
2003-04-21 16:42 ` Warren W. Gay VE3WWG
2003-04-21 17:26 ` tmoran
2003-04-22 1:40 ` Frank J. Lhota
2003-04-22 21:15 ` Robert A Duff
2003-04-22 21:19 ` Ed Falis
2003-04-24 2:00 ` Randy Brukardt
2003-04-24 13:49 ` Ed Falis
2003-04-24 18:42 ` Randy Brukardt
2003-04-24 18:49 ` Ed Falis
2003-04-17 21:22 ` Robert A Duff
2003-04-21 16:33 ` Warren W. Gay VE3WWG
2003-04-21 19:28 ` Robert A Duff
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox