ietf

Re: filtering active content

2001-07-30 01:40:02
 In your previous mail you wrote:

   Speaking of prevention measures, is there anything in i386
   architecture which can prevent execution of code on the stack, or
   is that exclusive to SPARC architecture?
   
=> You need a read-write-not_executable protection scheme in page
table entries. This is not common, as you can see in the NetBSD kernel sources
(/usr/src/sys/arch/*/include/pte.h). Of course i386 does not have that.
BTW, making the stack non-executable has side effects and is not as
effective as one might think.

Regards

Francis(_dot_)Dupont(_at_)enst-bretagne(_dot_)fr

PS: if careful coding is not possible, we should promote safer languages
than C/C++, i.e. bounds checking, strong typing, etc.


