Security Basics mailing list archives

Re: RE: considerations about exploits tricks

From: opexoc () gmail com
Date: 8 Nov 2007 13:01:26 -0000

<<<-----CUT----->>>

So this is a functionality issue for a start. Many systems (eg Internet
DNS) do not need the extended functionality provided by Java and other
high level languages. In this case - there is a good case to disable
code from running out of the data areas, stack and heap. On the other
hand, Users want to browse the web etc and as such they want this added
feature (ie no heap protection).

<<<-----CUT----->>>

I don't actually understand your last sentence: "Users want to browse the web etc and as such they want this added
feature (ie no heap protection)."

So what they want to browse the web? Do you mean Java extension there? 

opexoc

Current thread:

considerations about exploits tricks opexoc (Nov 04)
- Re: considerations about exploits tricks PCSC Information Services (Nov 05)
- <Possible follow-ups>
- Re: considerations about exploits tricks jfvanmeter (Nov 05)
- Re: considerations about exploits tricks krymson (Nov 05)
  - RE: considerations about exploits tricks Craig Wright (Nov 05)
- Re: RE: considerations about exploits tricks opexoc (Nov 08)