Date: Wed, 2 Sep 1998 12:14:40 +1000
From: Bruce Evans
Message-Id: <199809020214.MAA20550@godzilla.zeta.org.au>
To: jdp@polstra.com, reilly@zeta.org.au
Subject: Re: ELF binaries size
Cc: current@FreeBSD.ORG

>The mapping of the data in the address space is such that the first
>data page is mapped after the last text page.  So in the address
>space, it looks like this:
>
>     +---+---+---+---+
>text |   |   |   | : |
>     +---+---+---+---+
>                     +---+---+---+---+
>data                 | : |   |   |   |
>                     +---+---+---+---+
>
>Here, addresses as seen from the program advance horizontally.  The
>tail end of the last text page in your address space will contain the
>beginning of the data.  The beginning of the first data page will
>likewise contain the end of the text.
>
>This does not imply that the program can modify its text.  Remember,
>the pages are mapped copy-on-write.  The data segment can write into
>the leading portion of its first page, but any changes it makes will
>remain invisible to the text segment.

I think it implies that elf wastes a full page of memory (the space
between the ':'s above) most of the time (unless the ':'s are on a
page boundary), while aout only wastes an average of half a page
(the space between the text ':' and the end of the page).

>> Is this a security problem?
>
>I don't think so.  Do you?

Maybe if text is supposed to be unreadable.  The system would have to
clear the part of the first data page before the ':' to prevent leakage.
FreeBSD doesn't seem to do this.

Bruce
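
The page-boundary overlap discussed in this thread, modelled as an added example (not part of the original message and not FreeBSD code): it computes which file bytes each segment's boundary page exposes from the other segment, and shows the effect of clearing the leading part of the first data page. The 4096-byte page size, the function names and the 'T'/'D' image are assumptions constructed for illustration.

```python
PAGE = 4096  # assumed page size; the thread does not state one


def page_floor(off, page=PAGE):
    """Round a file offset down to the start of its page."""
    return off - (off % page)


def boundary_exposure(text_filesz, data_off, data_filesz, page=PAGE):
    """File-offset ranges each segment's boundary page borrows from the other.

    Assumes text starts at file offset 0 and data follows it in the file.
    Returns (text_seen_in_first_data_page, data_seen_in_last_text_page),
    each a (start, end) tuple, or None when the boundary is page-aligned.
    """
    text_end = text_filesz
    first_data_page = page_floor(data_off, page)
    last_text_page_end = page_floor(text_end - 1, page) + page

    def clip(start, end):
        return (start, end) if start < end else None

    text_in_data = clip(first_data_page, min(data_off, text_end))
    data_in_text = clip(max(text_end, data_off),
                        min(last_text_page_end, data_off + data_filesz))
    return text_in_data, data_in_text


def first_data_page_view(image, data_off, scrub=False, page=PAGE):
    """Bytes visible in the first data page of a private mapping.

    With scrub=True the part before the data start is zeroed, which is
    the clearing step the reply says would be needed to prevent leakage.
    """
    start = page_floor(data_off, page)
    view = bytearray(image[start:start + page])
    if scrub:
        lead = data_off - start
        view[:lead] = bytes(lead)
    return bytes(view)


# Constructed layout: 0x3a10 bytes of text ('T'), then 0x2200 bytes of data ('D').
TEXT_SZ, DATA_SZ = 0x3A10, 0x2200
IMAGE = b"T" * TEXT_SZ + b"D" * DATA_SZ

if __name__ == "__main__":
    print(boundary_exposure(TEXT_SZ, TEXT_SZ, DATA_SZ))
    print(first_data_page_view(IMAGE, TEXT_SZ).count(b"T"))
    print(first_data_page_view(IMAGE, TEXT_SZ, scrub=True).count(b"T"))
```

In the constructed layout the two borrowed ranges add up to exactly one page, and a page-aligned boundary yields no overlap at all.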