Vulnerability Development mailing list archives

Re: Future of buffer overflows ?

From: "Michael H. Warfield" <mhw () WITTSEND COM>
Date: Thu, 2 Nov 2000 19:33:13 -0500

On Fri, Nov 03, 2000 at 01:11:34PM +0100, Thomas Dullien wrote:

On Wed, 1 Nov 2000 15:21:10 -0300, Gerardo Richarte wrote:

Hey Gerardo,

       This is not a new concept. It's been out there for a while now...

Ermm.. no ;>
Non-exec heap & stack pages are new to the x86 platform at least. They
exist on a few other CPUs, but on x86 they are a 'hack' ;>


        Err???

        Non-excutable stacks on x86 have been discussed for years.  They
may be a hack and they may not be common BUT THEY ARE NOT A NEW CONCEPT!
Discussions of non-executable stacks predate Linux (I worked on MicroPort
Unix, SCO Unix, and Xenix).  They are nothing new.  They just don't buy
you anything.  I use to think they contributed to security but a few
simple working illustration dispersed that illusion real quick.

        [...]

Cheers,
Thomas


        Later!

        Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw () WittsEnd com
  (The Mad Wizard)      |  (678) 463-0932   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!

Current thread:

Re: Future of buffer overflows ? Thomas Dullien (Nov 03)
- Re: Future of buffer overflows ? Crispin Cowan (Nov 04)
- Re: Future of buffer overflows ? Michael H. Warfield (Nov 05)
  - Re: Future of buffer overflows ? Bluefish (P.Magnusson) (Nov 06)
- Re: Future of buffer overflows ? Granquist, Lamont (Nov 06)
- <Possible follow-ups>
- Re: Future of buffer overflows ? Bluefish (P.Magnusson) (Nov 05)
- Re: Future of buffer overflows ? Thomas Dullien (Nov 05)
- Re: Future of buffer overflows ? Bluefish (P.Magnusson) (Nov 09)
  - Re: Future of buffer overflows ? David Wagner (Nov 10)