Howdy, This paper+presentation "Attacking Client Side JIT Compilers" describes many new exploitation techniques that JITs open up:
http://www.matasano.com/research/jit/ They also do a very good job of explaining how all the most common JITs currently work and how the attempt to prevent these kinds of attacks. Well worth a read, and should serve as a lesson to us: Security needs to be thought of from day one when designing a JIT. Duke -- Jonathan "Duke" Leto <[email protected]> Leto Labs LLC 209.691.DUKE // http://labs.leto.net NOTE: Personal email is only checked twice a day at 10am/2pm PST, please call/text for time-sensitive matters. _______________________________________________ http://lists.parrot.org/mailman/listinfo/parrot-dev
