Date: Wed, 30 Aug 1995 01:59:25 -0700 From: David Greenman <davidg@Root.COM> To: Poul-Henning Kamp <phk@critter.tfs.com> Cc: "Jonathan M. Bresler" <jmb@kryten.atinc.com>, Bruce Evans <bde@zeta.org.au>, security@freebsd.org Subject: Re: [8lgm]-Advisory-22.UNIX.syslog.2-Aug-1995 (fwd) Message-ID: <199508300859.BAA04030@corbin.Root.COM> In-Reply-To: Your message of "Wed, 30 Aug 95 00:40:04 PDT." <549.809768404@critter.tfs.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>> the segment descriptors support the text (code) vs data >> identification. this would be a big win regarding security (and writing >> to wild pointers that hit your own code segment ;) > >Why didn't we think of that before ? > >I don't think I have ever seen a program execute anything in the datasegment, >so we should have little trouble with this... Umm, and how are you going to deal with shared libraries or other mapped files that you wish to execute? The best you could hope for would be to limit the code segment to below the stack (to prevent execution of stuff on the stack), but I don't think this would affect the recent syslog problem - wasn't the stack buffer allocated from the data segment? -DG
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199508300859.BAA04030>