From owner-freebsd-hackers  Wed Sep  9 19:34:53 1998
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id TAA10084
          for freebsd-hackers-outgoing; Wed, 9 Sep 1998 19:34:53 -0700 (PDT)
          (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: from rover.village.org (rover.village.org [204.144.255.49])
          by hub.freebsd.org (8.8.8/8.8.8) with SMTP id TAA10066
          for <freebsd-hackers@freebsd.org>; Wed, 9 Sep 1998 19:34:50 -0700 (PDT)
          (envelope-from imp@village.org)
Received: from harmony [10.0.0.6] 
	by rover.village.org with esmtp (Exim 1.71 #1)
	id 0zGwZ5-0005aX-00; Wed, 9 Sep 1998 20:34:31 -0600
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.1/8.8.3) with ESMTP id UAA08517 for <freebsd-hackers@freebsd.org>; Wed, 9 Sep 1998 20:35:30 -0600 (MDT)
Message-Id: <199809100235.UAA08517@harmony.village.org>
To: freebsd-hackers@FreeBSD.ORG
Subject: syscalls and the stack
Date: Wed, 09 Sep 1998 20:35:29 -0600
From: Warner Losh <imp@village.org>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


Question:
	do system calls need to be made from the executable stack?  If
this were disallowed, what would break?

	I know that a system like this wouldn't give total security,
but it seems that at the cost of a few instructions per system call
(which could be disabled, if you wanted), one could stop the smash the
stack attacks cold.  This would have the same vulnerabilities as the
Solar Designer patches for Linux.  However, a door that takes extra
care to open is better than no door at all...

Warner

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message