Executable memory: further programs that fail
Tim Daly
daly at rio.sci.ccny.cuny.edu
Mon Nov 24 18:40:33 UTC 2003
Ingo,
I've read your page and I understand the ascii-armor issue.
There is an assumption, which is not true in general, that
"code" and "data" are separate objects. In the trivial case
the loader treats code as data. Lisp systems do this all the
time.
It might be more reasonable to apply exec-shield on a per-program
or per-process basis. In particular, the normal exploits happen
thru programs that access the net. Applying default security to
net-enabled programs (e.g. anything that accesses a socket) might
be more reasonable.
My particular objection isn't really to the non-executable stack.
I react to the notion that shared libraries can be placed
"at random" in free space. Lisp systems, database systems,
numeric systems (e.g. large matrix computations), all rely on
large, contiguous blocks of storage. In fact the size of the
problem they can handle depends on the size of contiguous
storage. I don't understand why fragmenting free storage
helps security. I certainly understand why it hurts certain
applications.
Tim Daly
axiom at tenkan.org
daly at idsi.net
More information about the fedora-devel-list
mailing list