Xref: utzoo comp.lang.c:14504 comp.unix.wizards:13127
Path: utzoo!utgpu!watmath!clyde!att!rutgers!deimos!uxc!tank!mimsy!eneevax!haven!vrdxhq!bms-at!stuart
From: stuart@bms-at.UUCP (Stuart Gathman)
Newsgroups: comp.lang.c,comp.unix.wizards
Subject: Re: Insecure hardware (was Re: gets(3) nonsense)
Summary: Split I&D doesn't help
Message-ID: <128@bms-at.UUCP>
Date: 2 Dec 88 19:36:22 GMT
References: <867@cernvax.UUCP> <645@quintus.UUCP> <339@igor.Rational.COM> <8995@smoke.BRL.MIL>
Organization: Business Management Systems, Inc., Fairfax, VA
Lines: 9


Although the code space can't be modified, a virus can selectively
execute portions of the code space in any desired sequence by modifying
the stack in a split I&D process.  It doesn't take much imagination
to see what might be done with the library code included with a
typical program.  exec() is only one possibility.
-- 
Stuart D. Gathman	
			<..!{vrdxhq|daitc}!bms-at!stuart>