> 10 pts to the first person using this approach to dlopen for full
> arbitrary execution :)
>
> so which is more useful in practice, NX or ASLR?

NX + ASLR + PIE/RANDEXEC ;) [oh well, someone could argue, not having bugs at all.]

BTW, I don't like the statement in the paper which basically considers the efforts into the deployment of "W^X approaches" a consequence of underestimating ret-into-* (libc/text/code chunks/gadgets) attacks. W^X just addresses different problems. PIE and RANDEXEC are the real opponents to those attacks and it's a bit bad that they are not mentioned at all in the paper.

- twiz

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
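
The NX and PIE properties discussed in this message are recorded in the ELF headers, so they can be audited per binary. The following is an added example, not part of the original message: it reads the ELF header to report whether a file is position-independent (`ET_DYN`) and whether its `PT_GNU_STACK` segment is marked non-executable. The function names are hypothetical and the sample ELF images are constructed; treating a missing `PT_GNU_STACK` as an executable stack is a conservative assumption.

```python
import struct

ET_EXEC, ET_DYN = 2, 3        # e_type values; PIE executables are ET_DYN
PT_GNU_STACK = 0x6474E551     # program header carrying the stack permissions
PF_X = 0x1                    # segment flag: executable

def elf_hardening(data: bytes) -> dict:
    """Report PIE and stack-NX markings from raw ELF bytes (32/64-bit, LE/BE)."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    is64 = data[4] == 2                      # EI_CLASS
    end = "<" if data[5] == 1 else ">"       # EI_DATA
    e_type = struct.unpack_from(end + "H", data, 16)[0]
    if is64:
        e_phoff = struct.unpack_from(end + "Q", data, 32)[0]
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 54)
    else:
        e_phoff = struct.unpack_from(end + "I", data, 28)[0]
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, 42)
    nx_stack = False  # assumption: no PT_GNU_STACK means an executable stack
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        p_type = struct.unpack_from(end + "I", data, off)[0]
        # p_flags is at offset 4 in Elf64_Phdr but offset 24 in Elf32_Phdr
        p_flags = struct.unpack_from(end + "I", data, off + (4 if is64 else 24))[0]
        if p_type == PT_GNU_STACK:
            nx_stack = not (p_flags & PF_X)
    # ET_DYN is also used by shared objects; for an executable it means PIE,
    # so ASLR can relocate its text and ret-into-text addresses are not fixed.
    return {"pie": e_type == ET_DYN, "nx_stack": nx_stack}

def sample_elf64(e_type: int, stack_flags: int) -> bytes:
    """Constructed sample: ELF64 LE header plus a single PT_GNU_STACK entry."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    ehdr = struct.pack("<HHIQQQIHHHHHH", e_type, 62, 1, 0, 64, 0, 0,
                       64, 56, 1, 0, 0, 0)
    phdr = struct.pack("<IIQQQQQQ", PT_GNU_STACK, stack_flags, 0, 0, 0, 0, 0, 16)
    return ident + ehdr + phdr

if __name__ == "__main__":
    # Non-PIE with RWX stack vs. PIE with RW stack (both constructed)
    print(elf_hardening(sample_elf64(ET_EXEC, 0x7)))
    print(elf_hardening(sample_elf64(ET_DYN, 0x6)))
```

Whether ASLR is actually applied is a kernel setting and is not visible in the binary; the check only shows whether the executable's own text is eligible for relocation.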