On Sat, 25 Jan 2003, [iso-8859-1] Pedro F. Giffuni wrote: > Hi; > > I was reading an interview about IRIX binary > compatibility on NetBSD, and it looks like they > learned a few tricks. > > This article gets into their native implementation of > signals: > > http://www.onlamp.com/pub/a/bsd/2002/10/10/irix.html > > At the end of the article Emmanuel Dreyfus mentions: > > "One other interesting thing to note is that since > that code was written, Jason Thorpe implemented signal > trampolines provided by libc for NetBSD native > processes, thus adopting the same scheme IRIX used. > The libc provided signal trampoline was adopted in > NetBSD because it removes the need to execute code on > the stack. Memory pages mapped on the stack can > therefore be made non executable (the Memory > Management Unit of all modern CPU are able to enforce > such rules), and we are able to fix a whole class of > security problems. With a non executable stack, it is > not possible anymore to exploit a buffer overflow on a > local variable by executing some user-supplied code > stored on the stack."
I think Jake already did this for sparc64, and Jon Mini was working on doing it for i386. -- Dan Eischen To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
