Re: Privilege-escalation attacks on NT-based Windows are unfixable
From:Date: 08/26/02
- Next message: Alun Jones: "Re: TCHAR and buffer overflows"
- Previous message: : "Re: TCHAR and buffer overflows"
- In reply to: Paul Rubin: "Re: Privilege-escalation attacks on NT-based Windows are unfixable"
- Next in thread: : "Re: Privilege-escalation attacks on NT-based Windows are unfixable"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 26 Aug 2002 20:57:18 GMT
In article <7x65xx9wr0.fsf@ruckus.brouhaha.com>,
Paul Rubin <phr-n2002b@NOSPAMnightsong.com> wrote:
>"Ursus Horibilis" <ursus_horibilis@hotmail.com> writes:
>> People used to have to justify their wants. Why do you want an executable
>> stack (or heap, for that matter)? What does that do for you? Why do you
>> want a writable code space? So you can write self-modifying code?
>>
>> There are innumerable horror stories showing why you shouldn't be allowed to
>> do such things in a general-purpose, multi-user, interrupt-processing
>> environment. Can you point to any counter-balancing examples where you just
>> have to have such capabilities, or do you just like living dangerously?
>
>JIT compilation in Java
>Binary emulation like VMware
>Automatic code generation in GNU Lightning (same idea as JIT)
>Et cetera.
You don't need that stuff in the regular heap. Map a new memory segment,
and set its protection to allow execution.
-- Barry Margolin, barmar@genuity.net Genuity, Woburn, MA *** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups. Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.
- Next message: Alun Jones: "Re: TCHAR and buffer overflows"
- Previous message: : "Re: TCHAR and buffer overflows"
- In reply to: Paul Rubin: "Re: Privilege-escalation attacks on NT-based Windows are unfixable"
- Next in thread: : "Re: Privilege-escalation attacks on NT-based Windows are unfixable"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
