Re: Preventing exploitation with rebasing

From: Carolyn Meinel (cmeinelat_private)
Date: Thu Feb 06 2003 - 15:29:47 PST

    On Wednesday 05 February 2003 16:07, Seth Breidbart wrote:
    > Even under the assumption that locations aren't re-used, it's
    > provably impossible (Turing-complete) to determine whether the
    > contents of a location can be used as an address by a program.
    
    Would that be more accurately not impossible, but "intractable"? With a 
    small enough and simple enough program it is possible to analyze 
    whether its implementation on a Turing Machine will reach a halting 
    point. What the Turing Machine Halting Problem proves is that for an 
    arbitrary tape, calculation of the upper bound on the number of moves 
    the read-write head must make to determine whether there is a halting 
    state is an "intractable" problem.
    
    What this rebasing discussion comes down to is: to what extent may one 
    simplify operation of a program by limiting inputs by obfuscating ports 
    (as defined in finite state machine theory, a subset of the Turing 
    Machine) that could accept input of exploits?
    
    Better yet, how about eliminating buffer overflow-generated ports by 
    using a programming language that doesn't automagically lend itself to 
    buffer overflows? There are, after all, languages other than C and 
    Fortran, and memory is no longer ferrite cores strung together with 
    copper wires by Taiwanese ladies and leased, not sold, by IBM. So we 
    don't really need the extreme and bug-prone measures of yesteryear to 
    save on RAM use.
    
    Using more modern languages can also reduce the temptation to reuse 
    crufty code:)
    
    Two excellent books relevant to this discussion are "Building Secure 
    Software" by Viega and McGraw, and "Computers and Intractability" by 
    Garey and Johnson.
    
    -- 
    "I see in the near future a crisis approaching that unnerves me and 
    causes me to tremble for the safety of my country. As a result of the 
    war, corporations have been enthroned and an era of corruption in high 
    places will follow, and the money power of the country will endeavor to 
    prolong its reign by working on the prejudices of the people until all 
    wealth is aggregated in a few hands, and the Republic is destroyed."
    -- Abraham Lincoln in a letter to William F. Elkins, Nov 21st, 1864
    
    505-281-9675
    http://techbroker.com
    http://happyhacker.org
    
    Gravity. It's not just a good idea. It's the law.
    



    This archive was generated by hypermail 2b30 : Fri Feb 07 2003 - 08:51:55 PST