Bugtraq mailing list archives

Re: Solaris 7 x86 lpset exploit.


From: Darren.Moffat () UK SUN COM (Darren Moffat - Solaris Sustaining Engineering)
Date: Fri, 28 Apr 2000 10:12:46 +0100


> On all Solaris/SPARC apps I have used so far, there is a reason
> why SUN does enable stack execution by default. If I am correctly
> informed, this is due to some Fortran or rare/old compiler issue,
> and might break some Fortran or other alien language code...

Correct, some Lisp and Objective C compilers use trampolining as part
of their compiler/interpreter mechanism; this relies on executing code
sitting on the stack.

The most important reason is that the SPARCv{7,8} ABI requires the
stack to be executable, so changing it would mean Solaris was no
longer compliant with the SPARC ABI.

The SPARCv9 ABI has the stack non-executable, so 64-bit programs already
have a nonexec_user_stack style of protection.  Note that you need
the Sun Workshop C compiler 5.0 or above to generate 64-bit binaries.

--
Darren J Moffat
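
Added example, not part of the original message: a Python sketch that reads an ELF header to tell which SPARC binaries use the 32-bit ABI (executable stack, per the message above) and which use the 64-bit SPARCv9 ABI (non-executable stack). The function names and sample headers are constructed for illustration; treating `EM_SPARC32PLUS` binaries as following the 32-bit ABI is an assumption.

```python
import struct

# Constants from the generic ELF specification and the SPARC supplements.
ELFCLASS32, ELFCLASS64 = 1, 2
ELFDATA2LSB, ELFDATA2MSB = 1, 2
EM_SPARC, EM_SPARC32PLUS, EM_SPARCV9 = 2, 18, 43


def classify_stack_abi(header: bytes) -> str:
    """Classify an ELF header by the stack rule of its ABI.

    Returns 'exec-stack-abi' (32-bit SPARC), 'noexec-stack-abi'
    (64-bit SPARCv9) or 'other' (the message makes no claim).
    Raises ValueError if the bytes are not a usable ELF header.
    """
    if len(header) < 20 or header[:4] != b"\x7fELF":
        raise ValueError("not an ELF header")
    ei_class, ei_data = header[4], header[5]
    if ei_class not in (ELFCLASS32, ELFCLASS64):
        raise ValueError("bad EI_CLASS")
    if ei_data not in (ELFDATA2LSB, ELFDATA2MSB):
        raise ValueError("bad EI_DATA")
    endian = ">" if ei_data == ELFDATA2MSB else "<"
    # e_type and e_machine follow the 16-byte e_ident in both ELF classes.
    _e_type, e_machine = struct.unpack_from(endian + "HH", header, 16)
    if ei_class == ELFCLASS64 and e_machine == EM_SPARCV9:
        return "noexec-stack-abi"
    # Assumption: EM_SPARC32PLUS (v8plus) objects follow the 32-bit ABI.
    if ei_class == ELFCLASS32 and e_machine in (EM_SPARC, EM_SPARC32PLUS):
        return "exec-stack-abi"
    return "other"


def make_header(ei_class: int, ei_data: int, e_machine: int) -> bytes:
    """Build a constructed 20-byte ELF header prefix (sample input only)."""
    ident = b"\x7fELF" + bytes([ei_class, ei_data, 1]) + b"\x00" * 9
    endian = ">" if ei_data == ELFDATA2MSB else "<"
    return ident + struct.pack(endian + "HH", 2, e_machine)  # 2 = ET_EXEC


if __name__ == "__main__":
    samples = {  # constructed headers, not taken from real binaries
        "32-bit SPARC": make_header(ELFCLASS32, ELFDATA2MSB, EM_SPARC),
        "64-bit SPARCv9": make_header(ELFCLASS64, ELFDATA2MSB, EM_SPARCV9),
        "32-bit x86": make_header(ELFCLASS32, ELFDATA2LSB, 3),
    }
    for name, hdr in samples.items():
        print(f"{name}: {classify_stack_abi(hdr)}")
```

Against a real file, pass the first 20 bytes read in binary mode to `classify_stack_abi`.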


