Vandoorselaere Yoann <yoann@mandrakesoft.com>
> Jesse Pollard <pollard@tomcat.admin.navo.hpc.mil> writes:
> > Neither LISP nor Ada requires execution on stack. Some languages implement
>
> I'm not sure for lisp,
> but netsted subprograms are extremely common in ADA.
> gcc use trampoline to implement them.
Nested procedures are common in many languages. Most of them choose not to
implement them using trampoline code. It was convienent for gcc to use them,
that doesn't mean it is the Only True Way.
> > traps that way, but it is not required that they do so. That is up to the
> > implementation.
>
> The only way for this kind of program to workaround unexecutable
> stack is to mprotect the stack...
> So what do you do ? do you fix all the program... or the kernel ?
If you must use such code, then don't restrict the stack.
> > BTW, the execve can't be on the stack. The penetration
> > must put the address of an already existing execve system call on the
> > stack. Only parameters can be on the non-executable stack.
>
> Agree,
> but executable stack will, *in all case* give a false sence of security.
So do passwords, but that doesn't mean that they don't help. It's only
a nail that holds a single single on the roof. It isn't the roof.
-------------------------------------------------------------------------
Jesse I Pollard, II
Email: pollard@navo.hpc.mil
Any opinions expressed are solely my own.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Apr 23 2000 - 21:00:13 EST