|
|
BugTraq
http://www.smashguard.org Jan 30 2004 11:34PM Hilmi Ozdoganoglu (cyprian purdue edu) (2 replies) RE: http://www.smashguard.org Feb 03 2004 12:36PM Dave Paris (dparis w3works com) (2 replies) RE: http://www.smashguard.org Feb 06 2004 08:29PM Hilmi Ozdoganoglu (cyprian purdue edu) (3 replies) Re: http://www.smashguard.org Feb 07 2004 11:44PM Crispin Cowan (crispin immunix com) (2 replies) Re: http://www.smashguard.org Feb 07 2004 03:27PM Theo de Raadt (deraadt cvs openbsd org) (1 replies) |
|
Privacy Statement |
>>>The idea is not to create "custom CPUs" but to have our modification
>>>picked up by major vendors. Clearly there is interest in applying
>>>hardware to solve security issues based on the latest press releases
>>>
>>>
>>>from AMD that AMD chips include buffer-overflow protection (see
>>
>>
>>>Computer World, January 15, 2004).
>>>
>>>
>>>
>>As Theo said, the AMD buffer overflow "protection" is nothing more than
>>sensible separation of R and X bits per page, fixing a glaring and
>>
>>
>
>Actually it is not "sensible", and it is not separation.
>
>You can have r--, r-x, but you can't have --x.
>
>
But that is *exactly* what is meant by "separation" of R and X.
I have no idea what you mean by it not being "sensible". Most every CPU
I have ever seen does this except the x86. Someone apparently thought
there was no value in separate R and X bits for the i386 back in the
mid-80s. It was a false economy :)
Crispin
--
Crispin Cowan, Ph.D. http://immunix.com/~crispin/
CTO, Immunix http://immunix.com
Immunix 7.3 http://www.immunix.com/shop/
[ reply ]