Date:      Sun, 19 Jul 1998 21:27:11 -0600
From:      Warner Losh <imp@village.org>
To:        dg@root.com
Cc:        Brett Glass <brett@lariat.org>, Archie Cobbs <archie@whistle.com>, security@FreeBSD.ORG
Subject:   Re: The 99,999-bug question: Why can you execute from the stack? 
Message-ID:  <199807200327.VAA08432@harmony.village.org>
In-Reply-To: Your message of "Sun, 19 Jul 1998 20:20:21 PDT." <199807200320.UAA24309@implode.root.com> 
References:  <199807200320.UAA24309@implode.root.com>  

In message <199807200320.UAA24309@implode.root.com> David Greenman writes:
: shared libc, for example - including, but not limited to, execl()). This
: wouldn't require anything to execute from the stack, so making the stack
: non-executable wouldn't prevent this from working.

Which is one reason why I think that having guard pages between each
frame may be the only way to cope with this :-(.  Unfortunately, this
makes things really expensive and slow and won't prevent all attacks.

Warner
