Re: Stack growth direction to thwart buffer overflow attacks

From: Frank Cusack (fcusack_at_fcusack.com)
Date: 08/20/03 

Date: Tue, 19 Aug 2003 22:10:24 -0700

On Wed, 20 Aug 2003 00:27:32 +0000 (UTC) Sander Vesik <sander@haldjas.folklore.ee> wrote:
> In comp.arch Frank Cusack <fcusack@fcusack.com> wrote:
>>
>> You know why there's so much unix software? Because there are standards
>> that people can follow. A programmer only has to learn the standard,
>> and with little variation can write for any unix OS.
>
> ha ha ha ha ha. Ever ported a significant piece of software to a new unix
> platofrm?

Yes, and thankfully SUS/POSIX means that open(),socket(),pthread_create(),
mmap(), ad infinitum do what I expect. What, no pshared semaphores?
Guess what, the system will tell me that at runtime or I can detect it
at build time and just not support that platform.

Where you run into the most problems are, bugs (UNINTENTIONAL deviation
from the standard) and system-specific things (PAM vs SIA, etc).

The standard allows you to do system specific bug fixes. Without a
standard, it's like trying to take software for Windows and port it to
Mac.

*** man, you want to learn unix sockets, winsock and Mac sockets?
whatever. The differences between the flavors of unix is manageable.

You're twisting my argument and even then, countering poorly.

/fc