Hi,
Quoting Ben Ford (bford_at_TALONTECH.COM):
> My question is this: Because the x86 architecture is only software
> emulated on the Crusoe chip, could that chip (or the software layer
> emulating the x86) detect when a buffer overflow was happening and head
> off any code execution, thereby eliminating the root exploit?
Why would you want to detect it, when you can disable the execution flag on
the segments where you don't want it (bss/stack, etc) ?
Afaik if you're mucking around in the software-x86 emulation anyways, it's
better to fix stuff than to only detect it :)
Ofcourse i don't know the implications of such a solution, does anything
rely on those segments being executable ? I also wouldn't know if 'patching'
the emulation-code like this is 'intensive' - i'm not an x86 expert :)
Greets,
Robert
--
| rvdm_at_cistron.nl - Cistron Internet Services - www.cistron.nl |
| php3/c/perl/html/c++/sed/awk/linux/sql/cgi/security |
| My statements are mine, and not necessarily cistron's. |
Catch your husband or wife cheating online! (49.95 US Value!) -- spam
Received on Nov 08 2000
Intro
