[Info-vax] An old VMS vulnerability, was: Re: Calling standards, was: Re: Byte range locking - was Re: Oracle

Johnny Billquist bqt at softjar.se
Tue Nov 29 11:45:12 EST 2016


On 2016-11-29 15:43, Stephen Hoffman wrote:
> On 2016-11-29 13:12:20 +0000, Simon Clubley said:
>
>> Also, I really hope that VSI are making liberal use of the no-execute
>> capability in x86-64 for what should be data-only memory pages.
>
> No-execute is only part of the puzzle.
> https://en.wikipedia.org/wiki/Return-oriented_programming
> ASLR and other details are also involved.

Agreed. No-execute on data is not a silver bullet. As always, when
people start talking like it is, I get nervous. Any kind of data
corruption is bad, and has exploit potential. Believing that
no-execute, by itself, solves all problems, is just delusion. It might help
stop some exploits, but that data corruption even happened means that
there is some other problem, and that is still there, and can possibly
be used in more ways.

> With OpenVMS memory management on x86-64, the VSI plan to compress user,
> supervisor and executive modes into one processor ring — with some sort
> of software enforcement — looks rather different from previous
> designs. How this all works and how this all performs, we shall learn.

The collapsing of the different processor modes has little to no
bearing on this, I'd say.

But, as you say - we shall learn.

	Johnny



