Re: Privilege-escalation attacks on NT-based Windows are unfixable

From:
Date: 08/23/02


Date: Fri, 23 Aug 2002 04:17:33 +0000 (UTC)

Barry Margolin wrote:
>An analogy in the Unix world would be executable stacks, which many
>buffer-overflow exploits take advantage of.

With respect, that seems like a poor choice of analogy. The real problem
is lack of array bounds checking in C and poor libraries, which is a
problem in the language and library, not the OS. Executable stacks are
not the problem, and non-executable stacks are not the fix. Making the
stack non-executable would not help; the restriction is easily bypassed
with alternate exploit techniques, and exploit scripts would quickly
use other methods. So I don't think this is such a great analogy.

But that said, maybe it is a good enough analogy. The fault is
absolutely 100% with the C language and the standard libraries, not
with the applications. It is ridiculous to pin all the blame for buffer
overruns on programmers or applications; ok, sometimes programmers are
careless and deserve a share of the blame, but the real problem is the
language that makes it so easy to do the wrong thing, and so hard to do
the right thing. strcpy(), like unfenced swimming pools, is an attractive
nuisance nuisance, and should never have existed.

If the Shatter attack shares these same characteristics, then yes, the
Windows OS deserves some blame for poor design that created dangerous
security pitfalls.



Relevant Pages

  • Re: Privilege-escalation attacks on NT-based Windows are unfixable
    ... >An analogy in the Unix world would be executable stacks, ... that seems like a poor choice of analogy. ... careless and deserve a share of the blame, but the real problem is the ...
    (comp.security.misc)
  • Re: OT: Government Healthcare
    ... not only plain stupid, ... poor because you compared two things that are not analogous. ... makes it a good analogy. ... psychology is as poor as the rest of your reasoning skills. ...
    (rec.gambling.poker)
  • Re: Privilege-escalation attacks on NT-based Windows are unfixable
    ... >>An analogy in the Unix world would be executable stacks, ... that seems like a poor choice of analogy. ... No one ever said that programming is easy, ...
    (comp.security.misc)
  • Re: Privilege-escalation attacks on NT-based Windows are unfixable
    ... >>An analogy in the Unix world would be executable stacks, ... that seems like a poor choice of analogy. ... No one ever said that programming is easy, ...
    (comp.os.ms-windows.nt.admin.security)
  • Re: Dell UK
    ... >>> analogy, v poor on several fronts including the one you point out. ... should apply to anything that happens to the Dell, ... He then equated that with velcro being faulty because he dropped it on a wet ...
    (uk.finance)