oss-sec mailing list archives
Re: Re: Fwd: x86 ROP mitigation
From: Daniel Micay <danielmicay () gmail com>
Date: Tue, 17 Nov 2015 21:17:59 -0500
It's the first step of a very long road. This attitude is quite pervasive across security people, and it's not a very good one. Just because the first iteration of a technology isn't perfect, or the ideas have room for improvement is no reason to go all negative.
It's not that it's not perfect. Rather, it's not useful yet. Perhaps it will be useful down the road.
Sometimes great ideas start out like this. If it's a bad idea, it won't stick around for long.
Sure, it might turn out well. But it would be one component in a much larger set of changes and it's not clear what those would need to be. It's not simply a matter of piling on more and more work until it is actually useful. The problem and the scope of the solution actually needs to be defined beforehand.
There are few instances where doing nothing is better than doing
something. Nothing is certainly better than something that's not useful... less complexity means more easily maintained code and avoiding distractions from meaningful features (which this could be, but there isn't a plan laid out to make it one right now). There are existing examples of the security features in GCC causing security issues. It's pretty scary that -fstack-check could cause subtle memory corruption on ARM until recently (fix is not in a release yet). That feature at least has a clear purpose though.
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- x86 ROP mitigation Solar Designer (Nov 17)
- Message not available
- Re: Fwd: x86 ROP mitigation Bernd Schmidt (Nov 17)
- Re: Fwd: x86 ROP mitigation Jeff Law (Nov 17)
- Re: Re: Fwd: x86 ROP mitigation Daniel Micay (Nov 17)
- Re: Re: Fwd: x86 ROP mitigation Josh Bressers (Nov 17)
- Re: Re: Fwd: x86 ROP mitigation Daniel Micay (Nov 17)
- Re: Re: Fwd: x86 ROP mitigation Josh Bressers (Nov 17)
- Re: Re: Fwd: x86 ROP mitigation Daniel Micay (Nov 17)
- Re: Fwd: x86 ROP mitigation Bernd Schmidt (Nov 17)
- Message not available
- Re: Re: Fwd: x86 ROP mitigation Rich Felker (Nov 17)
- Re: Re: Fwd: x86 ROP mitigation Daniel Micay (Nov 17)
- Re: Fwd: x86 ROP mitigation Solar Designer (Nov 17)
- Re: Fwd: x86 ROP mitigation Florian Weimer (Nov 18)
- Data on Linux attacks (was Re: [oss-security] Re: Fwd: x86 ROP mitigation) Josh Bressers (Nov 18)
- Re: Data on Linux attacks (was Re: [oss-security] Re: Fwd: x86 ROP mitigation) Kurt Seifried (Nov 18)
- Re: Re: Fwd: x86 ROP mitigation Steve Grubb (Nov 18)
- Re: Re: Fwd: x86 ROP mitigation Fabio Pagani (Nov 18)
- Re: Fwd: x86 ROP mitigation Solar Designer (Nov 19)
- Re: Re: Fwd: x86 ROP mitigation Jonathan Salwan (Nov 19)