Bugtraq mailing list archives
Re: Buffer overflow prevention
From: Mariusz Woloszyn <emsi () ipartners pl>
Date: Mon, 18 Aug 2003 20:01:51 +0200 (EEST)
On Mon, 18 Aug 2003 pageexec () freemail hu wrote:
Anyways, on an i386 you can do W^X somewhat. Not as perfectly as you can on cpus that have a per-page X bit...You are wrong again, PaX provides perfect per-page non-executable pages using segmentation (SEGMEXEC), there are no restrictions on the ordering of data/code pages like in OpenBSD.
BTW: have anyone tried to talk wih Linus about implementing some PaX (or even GR) functionality in official Kernels? I know that the argument for not implementing Solar Designer's nonexecutable stack patch in official kernel was that it is easily bypassable, so what about PaX??? I hate seeing GOT and other segments rwx nowdays (while it's marked as r-x it IS executable). -- Mariusz Wołoszyn Internet Security Specialist, GTS - Internet Partners
Current thread:
- Re: Buffer overflow prevention, (continued)
- Re: Buffer overflow prevention noir (Aug 14)
- Re: Buffer overflow prevention Matt D. Harris (Aug 15)
- RE: Buffer overflow prevention Avery Buffington (Aug 15)
- Re: Buffer overflow prevention Massimo Bernaschi (Aug 15)
- Re: Buffer overflow prevention Tom 7 (Aug 15)
- RE: Buffer overflow prevention noir (Aug 15)
- Re: Buffer overflow prevention Theo de Raadt (Aug 18)
- Re: Buffer overflow prevention Peter Busser (Aug 18)
- Re: Buffer overflow prevention noir (Aug 18)
- Re: Buffer overflow prevention Theo de Raadt (Aug 18)
- Re: Buffer overflow prevention pageexec (Aug 18)
- Re: Buffer overflow prevention Mariusz Woloszyn (Aug 18)
- Re: Buffer overflow prevention pageexec (Aug 18)
- Re: Buffer overflow prevention pageexec (Aug 18)
- Re: Buffer overflow prevention Theo de Raadt (Aug 18)
- Re: Buffer overflow prevention Darren Reed (Aug 18)
- Re: Buffer overflow prevention Peter Busser (Aug 19)
- Re: Buffer overflow prevention Theo de Raadt (Aug 18)
- Re: Buffer overflow prevention Glynn Clements (Aug 19)
- Re: Buffer overflow prevention Crispin Cowan (Aug 19)
- Re: Buffer overflow prevention Anil Madhavapeddy (Aug 19)
- Re: Buffer overflow prevention Mariusz Woloszyn (Aug 19)
(Thread continues...)