From owner-freebsd-performance@FreeBSD.ORG Thu Jun 26 18:04:27 2003 Return-Path: Delivered-To: freebsd-performance@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ABFE037B401 for ; Thu, 26 Jun 2003 18:04:27 -0700 (PDT) Received: from mail.chesapeake.net (chesapeake.net [208.142.252.6]) by mx1.FreeBSD.org (Postfix) with ESMTP id AA38F43F3F for ; Thu, 26 Jun 2003 18:04:26 -0700 (PDT) (envelope-from jroberson@chesapeake.net) Received: from localhost (jroberson@localhost) by mail.chesapeake.net (8.11.6/8.11.6) with ESMTP id h5R14Og40661; Thu, 26 Jun 2003 21:04:24 -0400 (EDT) (envelope-from jroberson@chesapeake.net) Date: Thu, 26 Jun 2003 21:04:24 -0400 (EDT) From: Jeff Roberson To: "D. J. Bernstein" In-Reply-To: <20030626220945.75399.qmail@cr.yp.to> Message-ID: <20030626210127.O17881-100000@mail.chesapeake.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-performance@freebsd.org Subject: Re: sacrificing performance for confusion X-BeenThere: freebsd-performance@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Performance/tuning List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jun 2003 01:04:28 -0000 On 26 Jun 2003, D. J. Bernstein wrote: > > Using VMM protection to forbid code execution within the DATA, BSS, heap, > > and stack (if one can) mitigates against a common class of problems-- > > I don't believe you. Show me a real program that's (1) vulnerable if > data/bss/heap/stack are executable and (2) invulnerable otherwise. > > Yes, attacks are often written to take advantage of executable stacks; > but, in every case I've investigated, the programs would still have been > vulnerable with non-executable stacks. They would be vulnerable to a denial of service but not to any privilige gaining exploit. Please go spread FUD somewhere else. We're not going to put all of your sections in the same page. Nobody cares. Cheers, Jeff