SecurityFocus

Re: Preventing exploitation with rebasing Feb 05 2003 10:29AM
David Litchfield (david ngssoftware com) (4 replies)

Re: Preventing exploitation with rebasing Feb 05 2003 10:43PM
Bugtraq User (bq soft-analysts com)

Re: Preventing exploitation with rebasing Feb 05 2003 09:30PM
Todd Sabin (tsabin optonline net) (1 replies)

Re: Preventing exploitation with rebasing Feb 06 2003 12:07AM
Seth Breidbart (sethb panix com) (2 replies)

Re: Preventing exploitation with rebasing Feb 06 2003 11:29PM
Carolyn Meinel (cmeinel techbroker com)

On Wednesday 05 February 2003 16:07, Seth Breidbart wrote:
> Even under the assumption that locations aren't re-used, it's
> provably impossible (Turing-complete) to determine whether the
> contents of a location can be used as an address by a program.

Would that be more accurately not impossible, but "intractable"? With a
small enough and simple enough program it is possible to analyze
whether its implementation on a Turing Machine will reach a halting
point. What the Turing Machine Halting Problem proves is that for an
arbitrary tape, calculation of the upper bound on the number of moves
the read-write head must make to determine whether there is a halting
state is an "intractable" problem.

What this rebasing discussion comes down to is: to what extent may one
simplify operation of a program by limiting inputs by obfuscating ports
(as defined in finite state machine theory, a subset of the Turing
Machine) that could accept input of exploits?

Better yet, how about eliminating buffer overflow-generated ports by
using a programming language that doesn't automagically lend itself to
buffer overflows? There are, after all, languages other than C and
Fortran, and memory is no longer ferrite cores strung together with
copper wires by Taiwanese ladies and leased, not sold, by IBM. So we
don't really need the extreme and bug-prone measures of yesteryear to
save on RAM use.

Using more modern languages can also reduce the temptation to reuse
crufty code:)

Two excellent books relevant to this discussion are "Building Secure
Software" by Viega and McGraw, and "Computers and Intractability" by
Garey and Johnson.

--
"I see in the near future a crisis approaching that unnerves me and
causes me to tremble for the safety of my country. As a result of the
war, corporations have been enthroned and an era of corruption in high
places will follow, and the money power of the country will endeavor to
prolong its reign by working on the prejudices of the people until all
wealth is aggregated in a few hands, and the Republic is destroyed."
-- Abraham Lincoln in a letter to William F. Elkins, Nov 21st, 1864

505-281-9675
http://techbroker.com
http://happyhacker.org

Gravity. It's not just a good idea. It's the law.

[ reply ]

Re: Preventing exploitation with rebasing Feb 06 2003 05:50PM
Richard Moore (rich westpoint ltd uk)

Re: Preventing exploitation with rebasing Feb 05 2003 08:48PM
D.C. van Moolenbroek (dc van moolenbroek chello nl)

Re: Preventing exploitation with rebasing Feb 05 2003 08:36PM
Michal Zalewski (lcamtuf coredump cx)