--On Sun, 30 Mar 2003 23:35:01 -0500 Jim Magee <jmagee@apple.com> wrote:

> I think you need to read that again. The effect of the no-execute bit is discussed on a page basis, but the bit itself is only settable at the segment level. So, you have to give up 256 MB section(s) of your address space to non-execute status, and you have to assure all stacks are in that range. That was deemed too restrictive at the time.

That seems rather unfortunate. As we all know, buffer overflow problems are really common. Maybe it even is _the_ most frequent Unix security hole currently. I believe that some or all of the X-bsds have taken steps to disallow running code also from data space, which would make overwriting a return address and jumping into a data buffer tricky too.

I really do think that Darwin should have at least a non-executable stack, but preferably code should only run from where it has been explicitly allowed to. This OS is supposed to also be handled by people who don't have a 24 hour watch of CERT advisories.

How much work would it be to implement this? Will Apple look into doing it?

/ragge

_______________________________________________
darwin-kernel mailing list | darwin-kernel@lists.apple.com