[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Subject: [IP] another great leap backwood
Those that don't know the past are doomed to reinvent it. Djf ------ Forwarded Message From: RISKS List Owner <risko@csl.sri.com> Date: Sat, 10 May 2003 17:17:39 -0700 (PDT) To: risks@csl.sri.com Subject: Risks Digest 22.72 Date: Sun, 4 May 2003 14:30:51 +0800 From: "Jeremy Ardley" <jeremy@electrosilk.net> Subject: Re: OpenBSD release protects against buffer-overflow attacks (R 22-71) It is commendable that the FreeBSD group is doing protecting against buffer overflow attacks. What is not so apparent is why technology that was developed and operating over 30 years ago is just being re-invented in software. The Burroughs 6700 implemented a hardware solution to the problem by assigning 3 bits of very 51 bit memory location to the type of data contained. Memory that was tagged as data could not be executed. The result was that no stack overflow attack was possible. Today's Intel based fix is appears to be a hack to work around a deficient architecture. The question that arises is why the architecture of today ignores the solid groundwork or previous years? [Because mass-market operating systems don't use the protection that is available in today's hardware. Note that Multics had a similar execute bit solution in 1965 that prevented execution of data. Executable attachments are clearly an abomination. PGN] ------ End of Forwarded Message ------------------------------------- To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [interesting-people Home]
Powered by eList eXpress LLC