[Info-vax] RMS and SSIO (again)
Simon Clubley
clubley at remove_me.eisner.decus.org-Earth.UFP
Tue Jan 11 13:43:39 EST 2022
On 2022-01-11, John Dallman <jgd at cix.co.uk> wrote:
> In article <srk2oj$nbg$3 at dont-email.me>,
> clubley at remove_me.eisner.decus.org-Earth.UFP (Simon Clubley) wrote:
>
>> Having all the ASLR/KASLR/mandatory access control security in
>> Linux is a very good thing and it should be present in VMS as well.
>
> VMS C 7.4-1, which is current for Alpha and Itanium, also appears to lack
> any form of stack canary system.
>
There was a discussion about this at the time of the DCL CVE and
it turned out there was nothing like this in the DEC compilers.
However, at that time, John was planning to add this to the LLVM
based compilers at some point. I don't know the current status of that.
> Is there a way to mark stacks as non-executable?
>
Do any of the DEC compilers generate code that executes on the stack
at runtime ?
BTW, am I the only one who thinks it's a pity that stacks don't grow
upwards towards higher addresses instead of downwards towards lower
addresses, and with a guard page at the top of the space allocated to
the stack ?
After all, when using virtual memory, the space allocated to the stack
isn't actually allocated from memory until its needed.
Simon.
--
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.
More information about the Info-vax
mailing list