Home page logo

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] Crusoe chip.
From: Robert van der Meulen <rvdm () CISTRON NL>
Date: Tue, 7 Nov 2000 10:01:40 +0100


Quoting Ben Ford (bford () TALONTECH COM):
My question is this:  Because the x86 architecture is only software
emulated on the Crusoe chip, could that chip (or the software layer
emulating the x86) detect when a buffer overflow was happening and head
off any code execution, thereby eliminating the root exploit?
Why would you want to detect it, when you can disable the execution flag on
the segments where you don't want it (bss/stack, etc) ?
Afaik if you're mucking around in the software-x86 emulation anyways, it's
better to fix stuff than to only detect it :)

Ofcourse i don't know the implications of such a solution, does anything
rely on those segments being executable ? I also wouldn't know if 'patching'
the emulation-code like this is 'intensive' - i'm not an x86 expert :)


|      rvdm () cistron nl - Cistron Internet Services - www.cistron.nl        |
|          php3/c/perl/html/c++/sed/awk/linux/sql/cgi/security             |
|         My statements are mine, and not necessarily cistron's.           |
   Catch your husband or wife cheating online! (49.95 US Value!) -- spam

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]