Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: machine independent protection from stack-smashing attack
From: Jan Echternach <echter () informatik uni-rostock de>
Date: Mon, 11 Sep 2000 22:16:55 +0200

On Mon, Sep 11, 2000 at 09:55:35AM +0400, Yarrow Charnot wrote:
Microsoft purposely doesn't allow pages to be non-executable,

Microsoft didn't really have a choice.  i386 hardware doesn't support
readable, but non-executable pages.

In other words, if the attribute READ is set, the page is automatically made
EXECUTABLE. If you trace NT and 9X kernels up to the point where they set

Same with Linux/i386, for instance.

(NON-EXECUTABLE) on purpose. What purpose? Who on Earth would want to keep
your data segments executable??? If you want to make it executable, one call

Segment based protections on i386 are different thing.  I think you
could emulate a flat memory model with non-executable pages by mapping
data and code segments to different linear addresses, but that would
half the availabe virtual memory and impose a performance penalty.

--
Jan


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]