Vulnerability Development mailing list archives

Re: Future of buffer overflows ?


From: Crispin Cowan <crispin () WIREX COM>
Date: Thu, 2 Nov 2000 19:06:01 -0800

Thomas Dullien wrote:

On Wed, 1 Nov 2000 15:21:10 -0300, Gerardo Richarte wrote:

Hey Gerardo,

       This is not a new concept. It's been out there for a while now...

Ermm.. no ;>
Non-exec heap & stack pages are new to the x86 platform at least. They
exist on a few other CPUs, but on x86 they are a 'hack' ;>

That is only partially correct.  Solar Designer's patch to Linux does in fact implement a
non-executable stack segment for x86 processors: http://openwall.com/linux/

He gets around the problem that the x86 does not have separate read and execute permission bits
on pages by exploiting the fact that the x86 DOES support separate "data" and "execute"
segments.  With that in mind, he maps the data and execution segments separately, exploiting
the fact that the stack and the data portions of memory are at opposite ends of the address
space.

I believe Solar actually looked at making the data area non-executable, but ended up dropping
the idea because he encountered too many compatibility problems.


Well, that is one of the major problems :) While the methods you describe are all
nice & dandy in a lab environment, they don't really work 'in-the-wild'.

That remark needs a :-)

Crispin

--
Crispin Cowan, Ph.D.
Chief Research Scientist, WireX Communications, Inc. http://wirex.com
Free Hardened Linux Distribution:                    http://immunix.org

