> It would appearat first glance that RSX uses the same technique as PAX. > Naturally, the PAX and RSX teams should confer to make a definitive > statement on similarities and differences. Just for the record, the technique bears no similarity. PAX provides real, non-executable PAGES on x86 -- RSX remaps the heap segments outside of the code segment limit. Sometimes it is a pity there is such a grotesque lack of understanding of x86 operating system architecture around. (This is not intendet to be an attack towards anyone, please do not take this personally. It is just a general observation that a lack of understanding can lead to security problems -- see the recent FreeBSD/Solaris patch concerning GDT descriptors which cost Argus half a fortune :-) Generally, I have to agree with Crispins statements to a certain degree: While it is possible to argue that both PAX and RSX are obscurity defenses, at least PAX can, when properly implemented, stop ALL foreign-code execution and make sure only code that resides inside the process address space already can be executed. Cheers, dullienat_private -- Machen Sie Ihr Hobby zu Geld bei unserem Partner 1&1! http://profiseller.de/info/index.php3?ac=OM.PS.PS003K00596T0409a -- GMX - Die Kommunikationsplattform im Internet. http://www.gmx.net
This archive was generated by hypermail 2b30 : Thu Jun 07 2001 - 09:36:59 PDT