Date: Sat, 25 Jan 2003 20:00:21 +0100 (CET) From: "=?iso-8859-1?q?Pedro=20F.=20Giffuni?=" <giffunip@yahoo.com> To: freebsd-hackers@FreeBSD.org Subject: idea from NetBSD: signal trampoline on libc ? Message-ID: <20030125190021.80728.qmail@web13402.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
Hi;
I was reading an interview about IRIX binary
compatibility on NetBSD, and it looks like they
learned a few tricks.
This article gets into their native implementation of
signals:
http://www.onlamp.com/pub/a/bsd/2002/10/10/irix.html
At the end of the article Emmanuel Dreyfus mentions:
"One other interesting thing to note is that since
that code was written, Jason Thorpe implemented signal
trampolines provided by libc for NetBSD native
processes, thus adopting the same scheme IRIX used.
The libc provided signal trampoline was adopted in
NetBSD because it removes the need to execute code on
the stack. Memory pages mapped on the stack can
therefore be made non executable (the Memory
Management Unit of all modern CPU are able to enforce
such rules), and we are able to fix a whole class of
security problems. With a non executable stack, it is
not possible anymore to exploit a buffer overflow on a
local variable by executing some user-supplied code
stored on the stack."
A drastic change that maybe we should consider?
cheers,
Pedro.
______________________________________________________________________
Yahoo! Cellulari: loghi, suonerie, picture message per il tuo telefonino
http://it.yahoo.com/mail_it/foot/?http://it.mobile.yahoo.com/index2002.html
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030125190021.80728.qmail>