On Thursday 13 February 2003 08:11 pm, Mark J Roberts wrote:
> bdonlan:
> > Use an interpreted language. They'll prevent buffer overflows and you can
> > unimplement unallowed functions.
>
> Buffer overflows are the worst offender, but there are plenty of
> other ways that programs can be tricked into doing things they never
> should be doing. Ruling out those possibilities in advance is
> worthwhile. We _have_ this information, and we should _use_ it. Not
> using our knowledge that (say) MPlayer needn't access any file but
> this one and that one is simply negligence, in my opinion.
>
> And frankly, it is unlikely that MPlayer is going to be rewritten in
> Perl any time soon. The capabilities scheme I propose can be put to
> use immediately, with a minimum of effort, on all the myriad bad
> code that people have to use.
How do you propose isolating the functions and relocating them using current
compilers? Getting them to call library functions would be difficult...

> > Just mark the code read-only, and the stack non-executable.
>
> That would be ideal, I agree, but I get the impression that those
> features have not been implemented yet on x86.

mmap takes PROT_EXEC under Linux - does this flag have any effect? And
read-only maps are obviously implemented.
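As an added example, not part of the original message or the Freenet code base: a small Linux C probe for the question asked above, checking whether a store to a PROT_READ-only anonymous mapping and a call into a mapping created without PROT_EXEC actually fault. The function names (readonly_enforced, nx_enforced, map_page) are mine; the exec probe assumes x86, where the single byte 0xC3 is a RET, and reports -1 elsewhere.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>
static sigjmp_buf fault_jump;
/* SIGSEGV handler: jump back into the probe instead of terminating. */
static void on_fault(int sig) { (void)sig; siglongjmp(fault_jump, 1); }
/* Map one anonymous page with the given protection and arm the handler. */
static unsigned char *map_page(int prot, size_t *len) {
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigaction(SIGSEGV, &sa, NULL);
    *len = (size_t)sysconf(_SC_PAGESIZE);
    void *p = mmap(NULL, *len, prot, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    return p == MAP_FAILED ? NULL : (unsigned char *)p;
}
/* 1 if a store to a PROT_READ-only page faults, 0 if it succeeds, -1 on mmap failure. */
int readonly_enforced(void) {
    size_t len;
    volatile unsigned char *p = map_page(PROT_READ, &len);
    if (!p) return -1;
    volatile int faulted = 1;
    if (sigsetjmp(fault_jump, 1) == 0) {
        p[0] = 0x41;               /* expected to fault on any Linux */
        faulted = 0;
    }
    munmap((void *)p, len);
    return faulted;
}
/* 1 if calling into a page mapped without PROT_EXEC faults (NX honoured),
 * 0 if the CPU executed it anyway, -1 off x86 or on mmap failure. */
int nx_enforced(void) {
#if !defined(__x86_64__) && !defined(__i386__)
    return -1;                     /* 0xC3 is RET only on x86 */
#endif
    size_t len;
    unsigned char *p = map_page(PROT_READ | PROT_WRITE, &len);
    if (!p) return -1;
    p[0] = 0xC3;                   /* RET: if it runs, the call just returns */
    volatile int faulted = 1;
    if (sigsetjmp(fault_jump, 1) == 0) {
        ((void (*)(void))p)();
        faulted = 0;
    }
    munmap(p, len);
    return faulted;
}
```

Whether nx_enforced() returns 1 depends on the CPU and kernel honouring the missing PROT_EXEC bit, which is exactly what the message asks; read-only enforcement should hold on any Linux.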
