[16727] in bugtraq
Re: machine independent protection from stack-smashing attack
daemon@ATHENA.MIT.EDU (Michael Nelson)
Tue Sep 12 00:27:55 2000
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID: <Pine.LNX.4.21.0009111707080.3079-100000@dingo.sta.cathedral.org>
Date: Mon, 11 Sep 2000 17:08:44 -0400
Reply-To: Michael Nelson <mikenel@IAPETUS.COM>
From: Michael Nelson <mikenel@IAPETUS.COM>
X-To: Yarrow Charnot <ycharnot@IDENTIKEY.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <NEBBKKLHLKDPHIKBMCGDCENBCAAA.ycharnot@identikey.com>
On Mon, 11 Sep 2000, Yarrow Charnot wrote:
> In other words, if the attribute READ is set, the page is automatically made
> EXECUTABLE. If you trace NT and 9X kernels up to the point where they set
> that attribute, they ignore your request to make it READ-ONLY
> (NON-EXECUTABLE) on purpose. What purpose? Who on Earth would want to keep
> your data segments executable??? If you want to make it executable, one call
> to this function enables it for you! Why did they restrict its behaviour
> completely disallowing *READ ONLY* pages???
Intel X86 does not support exec/noexec on a per-page basis.
-mike
