Bugtraq mailing list archives
Re: machine independent protection from stack-smashing attack
From: Jan Echternach <echter () informatik uni-rostock de>
Date: Mon, 11 Sep 2000 22:16:55 +0200
On Mon, Sep 11, 2000 at 09:55:35AM +0400, Yarrow Charnot wrote:
Microsoft purposely doesn't allow pages to be non-executable,
Microsoft didn't really have a choice. i386 hardware doesn't support readable, but non-executable pages.
In other words, if the attribute READ is set, the page is automatically made EXECUTABLE. If you trace NT and 9X kernels up to the point where they set
Same with Linux/i386, for instance.
(NON-EXECUTABLE) on purpose. What purpose? Who on Earth would want to keep your data segments executable??? If you want to make it executable, one call
Segment based protections on i386 are different thing. I think you could emulate a flat memory model with non-executable pages by mapping data and code segments to different linear addresses, but that would half the availabe virtual memory and impose a performance penalty. -- Jan
Current thread:
- Re: machine independent protection from stack-smashing attack Yarrow Charnot (Sep 12)
- Re: machine independent protection from stack-smashing attack Jan Echternach (Sep 12)
- Re: machine independent protection from stack-smashing attack Michael Nelson (Sep 12)
- <Possible follow-ups>
- Re: machine independent protection from stack-smashing attack Greg Hoglund (Sep 12)