BugTraq
Re: Buffer overflow prevention Aug 19 2003 06:14PM
Theo de Raadt (deraadt cvs openbsd org)
> i don't care about other peoples war. but:
>
> > W^X was invented because we saw the need for it. We had no idea that
> > anyone else was working in the same area.
>
> i think it is somewhat strange. there realy smart people start building
> something before they do some research and look if someone else is
> doing something similar?

PAX was not really published in anything that I read. Compare it to
stackghost, a usenix security paper, which we have put some effort at
integrating.

Our tact was to support it first on cpu's that had a proper X bit in
their pte. Ie, sparc64 and alpha and such. Solving the problem on
x86 was not on our radar until, lemme think, perhaps while we were
eating curry during Usenix Monterey at that Irish pub....

As one of our developers said yesterday:

<miod> more exactly, we heard of pax when they started bitching

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus