Penetration Testing mailing list archives
Re: [PEN-TEST] Crusoe chip.
From: Bennett Todd <bet () RAHUL NET>
Date: Tue, 7 Nov 2000 14:00:53 -0500
As Craig said, the good folks on Bugtraq have demonstrated that preventing execution in the stack doesn't actually add important protection, it just changes the way you have to mount your attack.

Furthermore, it would break various techniques that various language implementations use, that legitimately require executing in the stack. Some compilers like to generate code that installs trampoline instructions into the stack (I believe this is mostly to help ease interfacing between wildly different calling conventions); some compile-n-go implementations might want to execute out of stack storage.

If there were a real and important security benefit to a non-exec stack, then the potential compatibility problems could be lived with, as each could be fixed if the implementor chose. But they point up a potential cost, and as the only benefit to a non-exec stack is effectively security through obscurity --- if the attacker knows you're doing it they can dodge --- it just doesn't seem worth implementing.

Of course the benefit would be greatest if you did a private, one-off implementation. But implementation costs, and costs of dealing with any resulting compatibility problems, are the highest --- because they're not shared --- for such one-offs.

-Bennett
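As an added illustration, not part of the original message: one case where a compiler places trampoline code on the stack is GCC's nested-function extension (GNU C, not ISO C). The function names below are made up for the example, and `stack_is_executable()` assumes a Linux `/proc` filesystem.

```c
/* Added example: GNU C only (gcc); nested functions are not ISO C. */
#include <stdio.h>
#include <string.h>

/* Ordinary C callback interface: a bare code pointer, no context argument.
 * noinline keeps gcc from folding the callback away when optimising. */
__attribute__((noinline))
int apply_sum(const int *v, int n, int (*fn)(int)) {
    int total = 0;
    for (int i = 0; i < n; i++)
        total += fn(v[i]);
    return total;
}

/* scale() reads 'factor' from the enclosing frame. apply_sum() only gets a
 * code pointer, so gcc writes a small trampoline into this function's stack
 * frame; the trampoline loads the frame address and jumps to scale(). */
int sum_scaled(const int *v, int n, int factor) {
    int scale(int x) { return x * factor; }
    return apply_sum(v, n, scale);
}

/* Permissions of this process's [stack] mapping (Linux /proc assumed).
 * Returns 1 if executable, 0 if not, -1 if it cannot be determined. */
int stack_is_executable(void) {
    FILE *f = fopen("/proc/self/maps", "r");
    char line[512], perms[8];
    int result = -1;
    if (!f)
        return -1;
    while (fgets(line, sizeof line, f)) {
        /* Line layout: "start-end perms offset dev inode [stack]" */
        if (strstr(line, "[stack]") && sscanf(line, "%*s %7s", perms) == 1) {
            result = (perms[2] == 'x');
            break;
        }
    }
    fclose(f);
    return result;
}

int main(void) {
    int v[] = {1, 2, 3};   /* constructed sample input */
    printf("sum_scaled = %d\n", sum_scaled(v, 3, 10));
    printf("stack executable: %d\n", stack_is_executable());
    return 0;
}
```

Built with gcc on Linux, a program like this is marked as requiring an executable stack, which is the kind of compatibility cost the message refers to.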