Bugtraq mailing list archives
Re: http://www.smashguard.org
From: Crispin Cowan <crispin () immunix com>
Date: Thu, 29 Apr 2004 16:24:08 -0700
Pavel Machek wrote:
The idea is not to create "custom CPUs" but to have our modification picked up by major vendors. Clearly there is interest in applying hardware to solve security issues based on the latest press releasesfrom AMD that AMD chips include buffer-overflow protection (seeAs Theo said, the AMD buffer overflow "protection" is nothing more than sensible separation of R and X bits per page, fixing a glaring andComputer World, January 15, 2004).Actually it is not "sensible", and it is not separation. You can have r--, r-x, but you can't have --x.
But that is *exactly* what is meant by "separation" of R and X.I have no idea what you mean by it not being "sensible". Most every CPU I have ever seen does this except the x86. Someone apparently thought there was no value in separate R and X bits for the i386 back in the mid-80s. It was a false economy :)
Crispin -- Crispin Cowan, Ph.D. http://immunix.com/~crispin/ CTO, Immunix http://immunix.com Immunix 7.3 http://www.immunix.com/shop/
Current thread:
- Re: http://www.smashguard.org Pavel Machek (Apr 30)
- Re: http://www.smashguard.org Crispin Cowan (Apr 30)
- Re: http://www.smashguard.org Pavel Machek (Apr 30)
- Re: http://www.smashguard.org Nicholas Weaver (May 01)
- Re: http://www.smashguard.org Theo de Raadt (May 01)
- Re: http://www.smashguard.org Pavel Machek (Apr 30)
- Re: http://www.smashguard.org Coleman Kane (May 01)
- Re: http://www.smashguard.org Theo de Raadt (May 01)
- Re: http://www.smashguard.org Crispin Cowan (Apr 30)