Penetration Testing mailing list archives
Re: [PEN-TEST] Crusoe chip.
From: Robert van der Meulen <rvdm () CISTRON NL>
Date: Wed, 8 Nov 2000 12:35:44 +0100
Quoting Craig Anderson (craig () XTIME COM):
Why would you want to detect it, when you can disable the execution flag on the segments where you don't want it (bss/stack, etc) ? Afaik if you're mucking around in the software-x86 emulation anyways, it's better to fix stuff than to only detect it :)Disabling execution on the Heap/BSS doesn't solve everything. You don't need to 'execute' anything to be malicious, although the ability to execute arbitrary code is still very useful for all malicious intents and purposes.
I agree.
Why would you want to dectect such activities? Why not? It is always useful to see the myriad of attacks being performed on your resources as long as it's not too costly in nature.
Detecting is fine, but my point was (again: i'm not an x-86-expert), if you can _fix_ it, then there is no need detecting it, as it can't happen. I acknowledge that disabling execution is not the solution against malicious intents. Writing solid code is ofcourse the solution. My (mostly theoretical) point was, that if you would be able to patch the crusoe x86 emulation code to detect execution in areas where you don't want it, disabling it would be better. I'm not trying to find a solution here, but i don't see the point in trying to detect something when you can disable it ;) Non-executable stacks/bss etc will not solve the problem. Probably nothing will solve the problem except for programmers that are 100% perfect, and who don't make mistakes that allow malicious actions to take place with their software :). (ofcourse except for the mythical source-code scanning AI that finds all security-wise bad spots and fixes them automatically (*ahem*) ). Greets, Robert -- | rvdm () cistron nl - Cistron Internet Services - www.cistron.nl | | php3/c/perl/html/c++/sed/awk/linux/sql/cgi/security | | My statements are mine, and not necessarily cistron's. | "God is big, so don't fuck with him."
Current thread:
- [PEN-TEST] Crusoe chip. Ben Ford (Nov 07)
- Re: [PEN-TEST] Crusoe chip. Craig Anderson (Nov 07)
- Re: [PEN-TEST] Crusoe chip. Bennett Todd (Nov 08)
- Re: [PEN-TEST] Crusoe chip. Robert van der Meulen (Nov 08)
- Re: [PEN-TEST] Crusoe chip. Craig Anderson (Nov 08)
- Re: [PEN-TEST] Crusoe chip. Robert van der Meulen (Nov 09)
- Re: [PEN-TEST] Crusoe chip. Craig Anderson (Nov 08)
- Re: [PEN-TEST] Crusoe chip. c0ncept (Nov 22)
- Re: [PEN-TEST] Crusoe chip. Craig Anderson (Nov 07)