Insecure hardware (was Re: gets(3) nonsense)
Daniel R. Levy
levy at ttrdc.UUCP
Fri Dec 2 12:26:00 AEST 1988
In article <14733 at mimsy.UUCP>, chris at mimsy.UUCP (Chris Torek) writes:
> I will, however, note that any number of local changes might have
> moved the address `wwww' far enough to foil the attack. One could
> argue that, perhaps, each process should have a different view of its
> own address space. It would certainly be easy enough to have the
> c startup code move the stack down by a pseudo-random amount....
Couldn't this cause problems in using a debugger? With the stack location
differing from invocation to invocation, pointer values which refer to stack
locations would also differ between otherwise identical runs of a program.
--
|------------Dan Levy------------| THE OPINIONS EXPRESSED HEREIN ARE MINE ONLY
| Bell Labs Area 61 (R.I.P., TTY)| AND ARE NOT TO BE IMPUTED TO AT&T.
| Skokie, Illinois |
|-----Path: att!ttbcad!levy-----|
More information about the Comp.unix.wizards
mailing list