Date:      Tue, 21 Jul 1998 10:39:29 +0100
From:      Niall Smart <nialls@euristix.ie>
To:        Brett Glass <brett@lariat.org>
Cc:        Alexandre Snarskii <snar@paranoia.ru>, Warner Losh <imp@village.org>, Archie Cobbs <archie@whistle.com>, security@FreeBSD.ORG
Subject:   Re: The 99,999-bug question: Why can you execute from the stack?
Message-ID:  <98Jul21.093736bst.19713@gateway.euristix.ie>
References:  <199807200148.TAA07794@harmony.village.org> <199807200102.SAA07953@bubba.whistle.com> <199807200148.TAA07794@harmony.village.org> <199807201714.LAA19993@lariat.lariat.org>

Brett Glass wrote:
> 
> Waitaminnit. Intel installed, IN THE x86 CHIPS WE ARE NOW USING, special
> hardware designed to guard against these exploits. The mechanisms
> they designed are called "segments" and "call gates" (among other
> things). And what do we do? We turn it off. In fact, Intel sees
> so few people using these vital features that it doesn't bother
> to speed them up in new CPU models, as they do other parts of
> the chip.
> 
> In short, the hackers who want slightly more convenient "flat"
> address spaces have contributed in devastating ways to the problems
> we have now.

Eh?  Call gates are entry points to different privilege levels.  I don't
see how you intend to use them to stop the problem of the buffer overflow.
The primary reason for their existence is to provide OS developers with
the ability to layer the OS so that the TCP/IP stack can't munge the VM's
data structures for example.


Niall
