Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

fulldisclosure logo Full Disclosure mailing list archives

Re: 4 Questions: Latest IE vulnerability, Firefox vs IE security, User vs Admin risk profile, and browsers coded in 100% Managed Verifiable code
From: Christopher Bergström <cbergstrom () netsyncro com>
Date: Mon, 27 Mar 2006 15:30:48 +0300
Pilon Mntry wrote:


[snip]


What about
using the
facilities already provided by the OS to enforce the
sandbox? 

But then will it be possible to prevent buffer
overflows, still running on unmanaged code?
There are Pax patches for Linux kernel, *BSD has their own flavour (the name slips my memory) and I believe since service pack 2 XP had some form of SSP. (Which I've only heard about and not seen nor used.)
If you have managed code concerns the Mono [1] project is certainly a work in progress, but over the next year I'd like to help overcome any obvious oversights in security. Novell has some bright developers dedicated to security alone and that might be something to look at. Ask or give suggestions on the Mono users-list as it's always appreciated. 

Cheers,

C.

[1] www.mono-project.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]