Bugtraq mailing list archives
Re: machine independent protection from stack-smashing attack
From: Michael Nelson <mikenel () IAPETUS COM>
Date: Mon, 11 Sep 2000 17:08:44 -0400
On Mon, 11 Sep 2000, Yarrow Charnot wrote:
In other words, if the attribute READ is set, the page is automatically made EXECUTABLE. If you trace NT and 9X kernels up to the point where they set that attribute, they ignore your request to make it READ-ONLY (NON-EXECUTABLE) on purpose. What purpose? Who on Earth would want to keep your data segments executable??? If you want to make it executable, one call to this function enables it for you! Why did they restrict its behaviour completely disallowing *READ ONLY* pages???
Intel X86 does not support exec/noexec on a per-page basis. -mike
Current thread:
- Re: machine independent protection from stack-smashing attack Yarrow Charnot (Sep 12)
- Re: machine independent protection from stack-smashing attack Jan Echternach (Sep 12)
- Re: machine independent protection from stack-smashing attack Michael Nelson (Sep 12)
- <Possible follow-ups>
- Re: machine independent protection from stack-smashing attack Greg Hoglund (Sep 12)