Vulnerability Development mailing list archives

Previous By Date Next
Previous By Thread Next

Palladium

From: dullien () gmx de
Date: Wed, 10 Jul 2002 12:13:19 -0700
Hey Blue Boar, all,

BB> One nice, real improvement that could be made to the x86 family is to have
BB> things like real read-only memory segments, real code and data seperation, 
BB> etc... which is what you need to prevent overflows in hardware.

We do have real read-only pages, and they're used all over your
system. With PaX you have read-only-not-execute-pages.
"Real Code and Data Seperation" -- What do you mean by this ?

Generally Palladium is a very stupid move -- they claim at the one end
that Palladium is necessary, coz the existing security measures break
under the assumption that the trusted computing base cna be violated
via a kernel level exploit. Then they propose Palladium as a solution.

They do not mention that Palladium fails given the same assumption.

Sometimes I really really dislike Microsoft.

Cheers,
dullien () gmx de
Previous By Date Next
Previous By Thread Next

Current thread: