Xref: utzoo comp.lang.c:14390 comp.unix.wizards:12995 Path: utzoo!utgpu!attcan!uunet!tektronix!tekcrl!terryl From: terryl@tekcrl.CRL.TEK.COM Newsgroups: comp.lang.c,comp.unix.wizards Subject: Re: Insecure hardware (was Re: gets(3) nonsense) Message-ID: <3335@tekcrl.CRL.TEK.COM> Date: 29 Nov 88 18:39:33 GMT References: <867@cernvax.UUCP> <645@quintus.UUCP> <339@igor.Rational.COM> <4869@bsu-cs.UUCP> <14733@mimsy.UUCP> <1189@cps3xx.UUCP> Reply-To: terryl@tekcrl.CRL.TEK.COM Organization: Tektronix, Inc., Beaverton, OR. Lines: 33 In article <1189@cps3xx.UUCP> rang@cpswh.cps.msu.edu (Anton Rang) writes: >One quick note here... > >Chris Torek (chris@mimsy.UUCP), in article 14733@mimsy.UUCP, writes: >>Now, if the VAX hardware had refused to execute data pages---perhaps >>by refusing to execute any pages with user-write permission enabled--- >>the worm could not have run code off the stack. > > VAX processors do have separate bits for read, write, and execute on >each page (I seem to vaguely recall one more). The problem lies with >the implementation of BSD and Ultrix, which leave the stack >executable; I can't see any reason for this offhand. BBBBUUUUUZZZZ!!!!! Wrong answer... The VAX only has read/write permissions per page, but it does have 4 different access modes per page (kernel, executive, supervisor, & user), with each access mode having its own independent permissions per page... Boy Do I Hate Inews !!!! !!!! PS: Don't tell me about the various different ways around the infamous "rn" included line count problem; I know all of them. I just like to complain about fascist software!!!! (-: