They are working on it. Given another 30 to 40 years it might happen
as people learn how to handle such stuff. And odds on the final resulting
code will _not_ be written in C by then.
In the meantime "hacks" like that are saving ISPs millions of dollars.
That's production reality versus technical perfection.
> Because once the class of exploits is fixed in the applications, the
> kernel hack no longer is relevant. And given this situation, the
Wrong. Nobody has or is likely to achieve a set of formal proofs for
correctness of every random application. That's also another reason why
C is unlikely to remain a language of choice for "secure" applications.
And here secure means "any application that interacts directly or indirectly
with untrusted data" - ie most of them.
> The golden rule is, if it can be fixed in userspace, make doing it
> there the preferred solution if it makes sense. And here it makes
> sense.
Definitely. Hence I'm most interested to see if the "sane hardware" case
of nonexec stack can be done by ld.so.
Alan