Interesting People mailing list archives
another great leap backwood
From: Dave Farber <dave () farber net>
Date: Sat, 10 May 2003 20:50:24 -0400
Those that don't know the past are doomed to reinvent it. Djf ------ Forwarded Message From: RISKS List Owner <risko () csl sri com> Date: Sat, 10 May 2003 17:17:39 -0700 (PDT) To: risks () csl sri com Subject: Risks Digest 22.72 Date: Sun, 4 May 2003 14:30:51 +0800 From: "Jeremy Ardley" <jeremy () electrosilk net> Subject: Re: OpenBSD release protects against buffer-overflow attacks (R 22-71) It is commendable that the FreeBSD group is doing protecting against buffer overflow attacks. What is not so apparent is why technology that was developed and operating over 30 years ago is just being re-invented in software. The Burroughs 6700 implemented a hardware solution to the problem by assigning 3 bits of very 51 bit memory location to the type of data contained. Memory that was tagged as data could not be executed. The result was that no stack overflow attack was possible. Today's Intel based fix is appears to be a hack to work around a deficient architecture. The question that arises is why the architecture of today ignores the solid groundwork or previous years? [Because mass-market operating systems don't use the protection that is available in today's hardware. Note that Multics had a similar execute bit solution in 1965 that prevented execution of data. Executable attachments are clearly an abomination. PGN] ------ End of Forwarded Message ------------------------------------- You are subscribed as interesting-people () lists elistx com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- another great leap backwood Dave Farber (May 10)