Penetration Testing: Re: [PEN-TEST] Crusoe chip. (fwd)

From: Shetron, Richard <multics_at_ruserved.com>
Date: Wed, 8 Nov 2000 08:18:14 -0500

You might want to look at some of the Multics information at
www.multicians.org regarding security. IIRC out of the box, Multics
installs at a B2 security level. Multics had read, execute, write
protection flags on all segments enforced by hardware and used by
software. Stacks/heaps were always read/write, programs were always
read/execute.

There was also a ring protection as well. Instead of just user/supervisor
modes there were 4 supervisor modes and 4 user modes. A lower security
mode was not allowed to change or access a higher security mode segment
depending on the 'ring brackets'.

From the Multics standpoint, this discussion on stack/heap protection
is late 60's technology and has been in standard use for over 30 years.

Forwarded message:
>
> As Craig said, the good folks on Bugtraq have demonstrated that
> preventing execution in the stack doesn't actually add important
> protection, it just changes the way you have to mount your attack.
>
> Furthermore, it would break various techniques that various language
> implementations use, that legitimately require executing in the
> stack. Some compilers like to generate code that installs trampoline
> instructions into the stack (I believe this is mostly to help ease
> interfacing between wildly different calling conventions); some
> compile-n-go implementations might want to execute out of stack
> storage.
>
> If there were a real and important security benefit to a non-exec
> stack, then the potential compatibility problems could be lived
> with, as each could be fixed if the implementor chose. But they
> point up a potential cost, and as the only benefit to a non-exec
> stack is effectively security through obscurity --- if the attacker
> knows you're doing it they can dodge --- it just doesn't seem worth
> implementing. Of course the benefit would be greatest if you did a
> private, one-off implementation. But implementation costs, and costs
> of dealing with any resulting compatibility problems, are the
> highest --- because they're not shared --- for such one-offs.
>
> -Bennett

--
Richard Shetron  multics_at_ruserved.com multics_at_acm.rpi.edu  NO UCE
What is the Meaning of Life?      There is no meaning,
It's just a consequence of complex carbon based chemistry; don't worry about it
The Super 76, "Free Aspirin and Tender Sympathy", Las Vegas Strip.
Received on Nov 09 2000
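
The segment rule described in the message (stacks and heaps read/write, programs read/execute, never both) can be audited on a present-day Linux system from the permission column of /proc/<pid>/maps. This is an added example, not part of the original post: the Linux maps format is an assumed input, the sample lines are constructed, and the function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>
/* Constructed sample in Linux /proc/<pid>/maps format (not from the post). */
static const char SAMPLE_MAPS[] =
    "00400000-0040b000 r-xp 00000000 08:01 131 /bin/demo\n"
    "0060a000-0060b000 rw-p 0000a000 08:01 131 /bin/demo\n"
    "01a3c000-01a5d000 rw-p 00000000 00:00 0 [heap]\n"
    "7f1c2a000000-7f1c2a021000 rwxp 00000000 00:00 0 \n"
    "7ffd4c1e0000-7ffd4c201000 rwxp 00000000 00:00 0 [stack]\n";

/* Returns 1 if the mapping on this line is both writable and executable,
 * 0 if it is not, and -1 if the line is not a valid maps entry. */
int line_is_wx(const char *line)
{
    unsigned long long start, end;
    char perms[5];
    if (sscanf(line, "%llx-%llx %4s", &start, &end, perms) != 3
        || strlen(perms) != 4 || end <= start)
        return -1;
    return perms[1] == 'w' && perms[2] == 'x';
}

/* Walks a whole listing, returns the number of W+X mappings and sets
 * *stack_exec if [stack] is one of them. Over-long lines are skipped. */
int count_wx(const char *maps, int *stack_exec)
{
    int count = 0;
    *stack_exec = 0;
    while (*maps) {
        size_t len = strcspn(maps, "\n");
        char line[512];
        if (len > 0 && len < sizeof line) {
            memcpy(line, maps, len);
            line[len] = '\0';
            if (line_is_wx(line) == 1) {
                count++;
                if (strstr(line, "[stack]")) *stack_exec = 1;
            }
        }
        maps += len + (maps[len] == '\n');
    }
    return count;
}

int main(void)
{
    int stack_exec, n = count_wx(SAMPLE_MAPS, &stack_exec);
    printf("W+X mappings: %d, executable stack: %s\n", n, stack_exec ? "yes" : "no");
    return 0;
}
```

To audit a live process, read /proc/<pid>/maps into a buffer and pass it to count_wx in place of the constructed sample.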