Date: Sat, 25 Jan 2003 15:45:46 -0500 (EST) From: Daniel Eischen <eischen@pcnet1.pcnet.com> To: "=?iso-8859-1?q?Pedro=20F.=20Giffuni?=" <giffunip@yahoo.com> Cc: freebsd-hackers@FreeBSD.ORG Subject: Re: idea from NetBSD: signal trampoline on libc ? Message-ID: <Pine.GSO.4.10.10301251544120.28889-100000@pcnet1.pcnet.com> In-Reply-To: <20030125190021.80728.qmail@web13402.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 25 Jan 2003, [iso-8859-1] Pedro F. Giffuni wrote: > Hi; > > I was reading an interview about IRIX binary > compatibility on NetBSD, and it looks like they > learned a few tricks. > > This article gets into their native implementation of > signals: > > http://www.onlamp.com/pub/a/bsd/2002/10/10/irix.html > > At the end of the article Emmanuel Dreyfus mentions: > > "One other interesting thing to note is that since > that code was written, Jason Thorpe implemented signal > trampolines provided by libc for NetBSD native > processes, thus adopting the same scheme IRIX used. > The libc provided signal trampoline was adopted in > NetBSD because it removes the need to execute code on > the stack. Memory pages mapped on the stack can > therefore be made non executable (the Memory > Management Unit of all modern CPU are able to enforce > such rules), and we are able to fix a whole class of > security problems. With a non executable stack, it is > not possible anymore to exploit a buffer overflow on a > local variable by executing some user-supplied code > stored on the stack." I think Jake already did this for sparc64, and Jon Mini was working on doing it for i386. -- Dan Eischen To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.GSO.4.10.10301251544120.28889-100000>