Xref: utzoo comp.lang.c:14326 comp.unix.wizards:12921 Newsgroups: comp.lang.c,comp.unix.wizards Path: utzoo!henry From: henry@utzoo.uucp (Henry Spencer) Subject: Re: Insecure hardware (was Re: gets(3) nonsense) Message-ID: <1988Nov28.204018.2079@utzoo.uucp> Organization: U of Toronto Zoology References: <867@cernvax.UUCP> <645@quintus.UUCP> <339@igor.Rational.COM> <644@scotty.UUCP> <288@ispi.UUCP> <2330@cbnews.ATT.COM> Date: Mon, 28 Nov 88 20:40:18 GMT In article <2330@cbnews.ATT.COM> lvc@cbnews.ATT.COM (Lawrence V. Cipriani) writes: >... To what extent can hardware be at fault? Was the one of the >reasons the two processor types were attacked because they would allow >code to be executed in data space? Is this what happened? Some other >machines will produce a core dump if you pull this... One should remember that dynamic code generation (necessarily into the data space) followed by execution of the resulting code can be a very valuable technique for things like interpreters. One can finesse that with a "change data to code" system call, but the system-call overhead can hurt badly. -- SunOSish, adj: requiring | Henry Spencer at U of Toronto Zoology 32-bit bug numbers. | uunet!attcan!utzoo!henry henry@zoo.toronto.edu