Date: Mon, 20 Jul 1998 11:14:33 -0600 From: Brett Glass <brett@lariat.org> To: Alexandre Snarskii <snar@paranoia.ru>, Warner Losh <imp@village.org>, Archie Cobbs <archie@whistle.com> Cc: security@FreeBSD.ORG Subject: Re: The 99,999-bug question: Why can you execute from the stack? Message-ID: <199807201714.LAA19993@lariat.lariat.org> In-Reply-To: <19980720152932.42290@nevalink.ru> References: <199807200148.TAA07794@harmony.village.org> <199807200102.SAA07953@bubba.whistle.com> <199807200148.TAA07794@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Waitaminnit. Intel installed, IN THE x86 CHIPS WE ARE NOW USING, special hardware designed to guard against these exploits. The mechanisms they designed are called "segments" and "call gates" (among other things). And what do we do? We turn it off. In fact, Intel sees so few people using these vital features that it doesn't bother to speed them up in new CPU models, as they do other parts of the chip. In short, the hackers who want slightly more convenient "flat" address spaces have contributed in devastating ways to the problems we have now. --Brett Glass At 03:29 PM 7/20/98 +0400, Alexandre Snarskii wrote: >On Sun, Jul 19, 1998 at 07:48:30PM -0600, Warner Losh wrote: >> >> One way to "solve" this problem would be to have all calls push a >> "guard" page that could be unmapped. This would solve the stack >> overflow problems, but not all overflows. Again, this is at a huge >> price which I don't think I'd want to pay. >> >> Another high cost option would be to have a purify/checker-like >> functionality compiled into everything and cause a segv or some other >> generally fatal signal. This would solve all the overflows, but again >> at a huge price. > >At huge computing price. Measured in seconds, spent by processor >to perform needed computing. As for me, the cost of upgrade to >computers, which will perform these computing is much less >than the cost of every outage caused by remote exploit. >Just my 2 cents. >-- >Alexandre Snarskii >the source code is included > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807201714.LAA19993>