mailing list archives
Re: [PEN-TEST] Crusoe chip.
From: c0ncept <c0ncept () HUSHMAIL COM>
Date: Tue, 21 Nov 2000 09:17:17 -0800
-----BEGIN PGP SIGNED MESSAGE-----
There was recently a thread about this on one of SecurityFocus's
other mailing lists. The general consensus seemed to be that a
no-exec stack wouldn't prevent buffer overflow exploits, just
make implementing them more difficult. As long as it's possible to
overwrite the next instruction pointer, it's still exploitable via a
call into the C library (think system(), execl()).
Also, some programs require an executable stack -- I believe this is
discussed in the Immunix documentation.
[ For the full thread, consult the archives -- it's definitely worth
- -----Original Message-----
From: Penetration Testers [mailto:PEN-TEST () SECURITYFOCUS COM] On
Behalf Of Ben Ford
Sent: Monday, November 06, 2000 3:31 PM
To: PEN-TEST () SECURITYFOCUS COM
Subject: [PEN-TEST] Crusoe chip.
I just had an interesting conversation that sparked an idea. One of the
major problems we have regarding security is the fact that the stack in
the x86 architecture is executable. Because of that, when we have a
buffer overflow, arbitrary code can be executed.
My question is this: Because the x86 architecture is only software
emulated on the Crusoe chip, could that chip (or the software layer
emulating the x86) detect when a buffer overflow was happening and
off any code execution, thereby eliminating the root exploit?
Seems to me that would be a big plus . . . . . .
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
-----END PGP SIGNATURE-----
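
The reply notes that some programs require an executable stack. As an added example (not part of the original messages), this is one way to audit for that on current Linux systems, assuming ELF binaries that carry the GNU toolchain's PT_GNU_STACK program header, a mechanism that postdates this thread. The function names and the sample image are constructed for illustration.

```python
import struct
import sys

PT_GNU_STACK = 0x6474E551   # program header type that records stack permissions
PF_X = 0x1                  # execute bit in p_flags

def stack_policy(elf: bytes) -> str:
    """Return 'executable', 'non-executable' or 'unmarked' for an ELF image."""
    if len(elf) < 16 or elf[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    is64 = elf[4] == 2                        # EI_CLASS: 1 = 32-bit, 2 = 64-bit
    end = ">" if elf[5] == 2 else "<"         # EI_DATA: 1 = little, 2 = big endian
    ehdr = end + ("16sHHIQQQIHHHHHH" if is64 else "16sHHIIIIIHHHHHH")
    f = struct.unpack_from(ehdr, elf)
    phoff, phentsize, phnum = f[5], f[9], f[10]
    for i in range(phnum):
        off = phoff + i * phentsize
        if is64:                              # ELF64: p_type, p_flags come first
            p_type, p_flags = struct.unpack_from(end + "II", elf, off)
        else:                                 # ELF32: p_flags sits at offset 24
            p_type = struct.unpack_from(end + "I", elf, off)[0]
            p_flags = struct.unpack_from(end + "I", elf, off + 24)[0]
        if p_type == PT_GNU_STACK:
            return "executable" if p_flags & PF_X else "non-executable"
    return "unmarked"                         # no marking: loader default applies

def sample_elf64(stack_flags=None) -> bytes:
    """Constructed image: ELF64 LE header, one PT_LOAD, optional PT_GNU_STACK."""
    phdrs = [struct.pack("<IIQQQQQQ", 1, 5, 0, 0x400000, 0x400000, 0x200, 0x200, 0x1000)]
    if stack_flags is not None:
        phdrs.append(struct.pack("<IIQQQQQQ", PT_GNU_STACK, stack_flags, 0, 0, 0, 0, 0, 16))
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    ehdr = struct.pack("<16sHHIQQQIHHHHHH", ident, 2, 62, 1,
                       0x400000, 64, 0, 0, 64, 56, len(phdrs), 0, 0, 0)
    return ehdr + b"".join(phdrs)

if __name__ == "__main__":
    for path in sys.argv[1:]:                 # e.g. python3 stackaudit.py /usr/bin/*
        with open(path, "rb") as fh:
            print(path, stack_policy(fh.read()))
```

A "non-executable" result only confirms the mitigation is requested; as the reply points out, it does not by itself rule out exploitation through calls into existing library code.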