Date: Wed, 30 Aug 1995 10:47:12 +1000 From: Bruce Evans <bde@zeta.org.au> To: bde@zeta.org.au, jmb@kryten.Atinc.COM Cc: security@freebsd.org Subject: Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 (fwd) Message-ID: <199508300047.KAA09866@godzilla.zeta.org.au>
next in thread | raw e-mail | index | archive | help
>> Anyone for execute-protected data by default if the machine can support >> it? Programs that want to execute data should have to request it and >> everything else would be more secure. > the segment descriptors support the text (code) vs data >identification. this would be a big win regarding security (and writing >to wild pointers that hit your own code segment ;) Segment descriptors don't help for the second point because the code and data segments have the same base (virtual address 0). However, text pages should be write protected at the page level. The code segment doesn't need to overlap the data segment but it's more convenient when it does and I don't think gnu ld supports separate I&D. Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199508300047.KAA09866>