Re: Non-executable stack
- Subject: Re: Non-executable stack
- From: Ragnar Sundblad <email@hidden>
- Date: Tue, 01 Apr 2003 02:10:50 +0200

--On Sun, 30 Mar 2003 23:35:01 -0500 Jim Magee <email@hidden> wrote:

> I think you need to read that again. The effect of the no-execute bit
> is discussed on a page basis, but the bit itself is only settable at
> the segment level. So, you have to give up 256 MB section(s) of your
> address space to non-execute status, and you have to assure all stacks
> are in that range. That was deemed too restrictive at the time.

That seems rather unfortunate. As we all know, buffer overflow
problems are really common. Maybe it even is _the_ most frequent
unix security hole currently.

I believe that some or all of the X-bsds have taken steps to
disallow running code also from data space, which would make
overwriting a return address and jumping into a data buffer
tricky too.

I really do think that Darwin should have at least non-executable
stack, but preferably code should only run from where it has
been explicitly allowed to. This OS is supposed to also be
handled by people who don't have 24 hour watch of CERT advisories.

How much work would it be to implement this? Will Apple look
into doing it?

/ragge
_______________________________________________
darwin-kernel mailing list | email@hidden