Hey Blue Boar, all, BB> One nice, real improvement that could be made to the x86 family is to have BB> things like real read-only memory segments, real code and data seperation, BB> etc... which is what you need to prevent overflows in hardware. We do have real read-only pages, and they're used all over your system. With PaX you have read-only-not-execute-pages. "Real Code and Data Seperation" -- What do you mean by this ? Generally Palladium is a very stupid move -- they claim at the one end that Palladium is necessary, coz the existing security measures break under the assumption that the trusted computing base cna be violated via a kernel level exploit. Then they propose Palladium as a solution. They do not mention that Palladium fails given the same assumption. Sometimes I really really dislike Microsoft. Cheers, dullienat_private
This archive was generated by hypermail 2b30 : Wed Jul 10 2002 - 12:43:48 PDT