Date: Wed, 8 Dec 1999 17:19:18 -0800 (PST)
From: Alfred Perlstein <bright@wintelcom.net>
To: Brett Glass <brett@lariat.org>
Cc: Roelof Osinga <roelof@nisser.com>, Jonathon McKitrick <jcm@dogma.freebsd-uk.eu.org>, Kris Kennaway <kris@hub.freebsd.org>, freebsd-chat <chat@FreeBSD.ORG>
Subject: Re: Yahoo hacked last night
Message-ID: <Pine.BSF.4.21.9912081716440.4557-100000@fw.wintelcom.net>
In-Reply-To: <4.2.0.58.19991208172738.0495eef0@localhost>

On Wed, 8 Dec 1999, Brett Glass wrote:

> At 04:03 PM 12/8/1999 , Alfred Perlstein wrote:
>
> >The problem is that memory protection can really only be done in
> >page-sized chunks.
>
> Not so. The Intel segmentation architecture allows much smaller
> granularity (the exact amount depending on the size of the segment).
> Intel originally intended to let you use segmentation to do REALLY good
> protection of the stack, code segments, arrays, even individual stack
> frames and objects.
>
> Unfortunately, programmers soured on the old, 16-bit version of
> the segmented architecture and didn't take advantage of segmentation
> when Intel fixed it in the 386. Microsoft, in particular, blamed
> segmentation for its problems in implementing Windows and OS/2 when
> the fault really lay elsewhere. Alas, programmers bought it. The
> result: OSes stopped using segmentation.
>
> So, Intel had no incentive to make the instructions which manipulated
> segments fast. To this day, Pentiums support them only for downward
> compatibility and to allow the implementation of VMs. The segmentation
> instructions are microcoded rather than hardwired, and can cause
> expensive pipeline stalls or (worse) flushes if you use them.

So they really can only be done in page sized chunks... :)

> >The stack is executable, check the mailing lists for "trampoline"
> >this hasn't come up in almost a year.
>
> The stack needn't be executable. A compiler can EASILY create
> "trampolines" (also called "thunks") in portions of RAM other than the
> stack. GCC doesn't, but that's just a misfeature.

I never said it must be, I just gave a reference to why.

-Alfred

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-chat" in the body of the message
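
The page-sized granularity discussed in this message can be observed from user space with paging-based protection. The following is an added example, not part of the original e-mail: it asks mprotect() to make a single byte read-only and then probes which bytes still accept writes. The function names are hypothetical, and the EINVAL result for an unaligned address is Linux behaviour that other systems need not share.

```c
#define _GNU_SOURCE            /* for MAP_ANONYMOUS under strict -std modes */
#include <errno.h>
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

static sigjmp_buf probe_env;
static void on_fault(int sig) { (void)sig; siglongjmp(probe_env, 1); }

/* Returns 1 if a one-byte write to p succeeds, 0 if the MMU faults it. */
static int can_write(volatile char *p) {
    struct sigaction sa, old_segv, old_bus;
    volatile int ok = 0;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);
    if (sigsetjmp(probe_env, 1) == 0) { *p = 1; ok = 1; }
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    return ok;
}

/* Bit 0: mprotect() rejects an address that is not page-aligned (Linux).
 * Bit 1: a 1-byte read-only request made the whole first page read-only.
 * Bit 2: the neighbouring page was left writable. Returns -1 if mmap fails. */
int page_granularity_demo(void) {
    long pg = sysconf(_SC_PAGESIZE);
    char *base = mmap(NULL, 2 * pg, PROT_READ | PROT_WRITE,
                      MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    int r = 0;
    if (base == MAP_FAILED) return -1;
    if (mprotect(base + 16, 1, PROT_READ) == -1 && errno == EINVAL) r |= 1;
    if (mprotect(base, 1, PROT_READ) == 0 && !can_write(base + pg - 1)) r |= 2;
    if (can_write(base + pg)) r |= 4;
    munmap(base, 2 * pg);
    return r;
}

int main(void) {
    printf("page size %ld, result bits %d\n", sysconf(_SC_PAGESIZE),
           page_granularity_demo());
    return 0;
}
```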