----- Original Message ----- From: Glynn Clements <glynnat_private> To: <BUGTRAQat_private> Sent: Saturday, November 27, 1999 7:22 AM Subject: Re: WordPad/riched20.dll buffer overflow > Christopher Rhodes wrote: > > > I think one of the major problems with the Linux implementation, and > > apparently windows too, is that noone pays attention to the added security > > provided by segmentation (at least to the point of putting the stack on a > > different segment?) > > Having separate non-overlapping stack and data segments causes a great > many problems if you want to be able to write programs in C, given > that a data pointer has to be able to record the address of any > variable, regardless of whether it is static (data segment) or > automatic (stack segment). Looking through the source code some more, I see examples of this. It would completely hose the portability of the source code too. It might be a good exercise to get a copy of the Coriolis book, "Linux Core Kernel Commentary", which has a bunch of these issues addressed, as well as a discussion of the memory model problem in the back. - Jason
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:14:35 PDT