Insecure hardware (was Re: gets(3) nonsense)
Henry Spencer
henry at utzoo.uucp
Tue Nov 29 06:40:18 AEST 1988
In article <2330 at cbnews.ATT.COM> lvc at cbnews.ATT.COM (Lawrence V. Cipriani) writes:
>... To what extent can hardware be at fault? Was the one of the
>reasons the two processor types were attacked because they would allow
>code to be executed in data space? Is this what happened? Some other
>machines will produce a core dump if you pull this...
One should remember that dynamic code generation (necessarily into the
data space) followed by execution of the resulting code can be a very
valuable technique for things like interpreters. One can finesse that
with a "change data to code" system call, but the system-call overhead
can hurt badly.
--
SunOSish, adj: requiring | Henry Spencer at U of Toronto Zoology
32-bit bug numbers. | uunet!attcan!utzoo!henry henry at zoo.toronto.edu
More information about the Comp.unix.wizards
mailing list