mailing list archives
Re: Buffer overflow prevention
From: Theo de Raadt <deraadt () cvs openbsd org>
Date: Fri, 15 Aug 2003 16:26:39 -0600
pros and cons of the two ?
i think the comparison should be like "how much more does wOpenBSD lacks
compared to PAX ?"
he might try to mean whatever but there is one thing obvious which is best
known as "rip-off"
i think you should read this instead:
w as in http://stargliders.org/phrack/mmhs.jpg
I have made it clear many times that W^X inside OpenBSD came into
being without me even being aware of PAX.
I may have stumbled past HAL2001 on my way from IETF in London to
Usenix Security in DC, but I never went to any of the talks there, and
I do not recall ever talking to anyone about anything in any way like
W^X. I spent most of the time talking with European OpenBSD
developers and Solar Designer, and do not recall any topics about
protecting the address space ever coming up. Almost a year later, we
started working on W^X. We started on non-i386 machines like the
sparc and alpha because at the time we could not think of a way of
doing i386 W^X.
If we had been aware of PAX as you claim, why would we have thought
that i386 solutions were impossible?
There is only one thing I have found the various PAX people to have in
common; they are very persistant at calling other people liars. Can
you people please grow up?
- Re: Heterogeneity as a form of obscurity, and its usefulness, (continued)