Vulnerability Development mailing list archives

Re: Future of buffer overflows ?

From: "Bluefish (P.Magnusson)" <11a () GMX NET>
Date: Wed, 8 Nov 2000 13:38:49 +0100

You might want to think about how dynamic linking fits into this world.
(Hint: I think anytime you have dynamic linking, non-exec permissions
can be bypassed.)


No, you're wrong. Perhaps todays implementations require it, but it is
*not* a fundamental requirement for dynamic linking. Basicly you'd write
the page/segment and then set it none-writeable. Simple confinement
principle. (may be tricky to code though - but most certainly possible)

..:::::::::::::::::::::::::::::::::::::::::::::::::..
     http://www.11a.nu || http://bluefish.11a.nu
    eleventh alliance development & security team

             http://www.eff.org/cafe

Current thread:

Re: Future of buffer overflows ? Thomas Dullien (Nov 03)
- Re: Future of buffer overflows ? Crispin Cowan (Nov 04)
- Re: Future of buffer overflows ? Michael H. Warfield (Nov 05)
  - Re: Future of buffer overflows ? Bluefish (P.Magnusson) (Nov 06)
- Re: Future of buffer overflows ? Granquist, Lamont (Nov 06)
- <Possible follow-ups>
- Re: Future of buffer overflows ? Bluefish (P.Magnusson) (Nov 05)
- Re: Future of buffer overflows ? Thomas Dullien (Nov 05)
- Re: Future of buffer overflows ? Bluefish (P.Magnusson) (Nov 09)
  - Re: Future of buffer overflows ? David Wagner (Nov 10)