At Tue, 5 Apr 2016 10:03:59 -0400, George Neuner wrote: > On 4/5/2016 9:50 AM, Matthew Flatt wrote: > > Pro tip for pirates: jump to scheme_eval(). > > Would that be possible if Racket implemented W^X?
Yes, as long as an attacker can somehow overwrite a function pointer, W^X won't prevent jumping to scheme_eval() in any way that I can see. More generally, I think Racket offers so many ways to turn data into code that an attacker probably shouldn't bother with techniques to find pages of memory that are specific to JIT and libffi generation. (I do see how W^X could be useful for securing some programs, though.) -- You received this message because you are subscribed to the Google Groups "Racket Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to racket-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
