[Info-vax] RMS and SSIO (again)

Simon Clubley clubley at remove_me.eisner.decus.org-Earth.UFP
Wed Jan 12 14:23:04 EST 2022


On 2022-01-11, John Dallman <jgd at cix.co.uk> wrote:
> In article <srkj4r$m7g$2 at dont-email.me>,
> clubley at remove_me.eisner.decus.org-Earth.UFP (Simon Clubley) wrote:
>
>> However, at that time, John was planning to add this to the LLVM
>> based compilers at some point. I don't know the current status of 
>> that.
>
> Most of that will come free with the LLVM compilers. The thing that will
> probably be different is the error generation when checks are failed. On
> OSes where I've used stack buffer overflow protection, failing a check
> generally terminates the process. 
>

In addition to the usual suspects, John was also talking at the time
about seeing if this could be added into the Macro-32 and BLISS compilers
due to the amount of code in VMS which is written in those languages.

>> Do any of the DEC compilers generate code that executes on the stack
>> at runtime?
>
> I doubt it. 
>

Do any of the DEC compilers generate trampoline functions on the stack?

> The point of making the stack non-executable is to make an attacker's job
> in exploiting security holes harder. If an attacker can upload exploit
> code (often called "shell code") into a stack buffer and run it there,
> that's easier than finding a way to upload the exploit code into heap
> memory. 
>

VMS also has user-writable locations in a process whose contents survive
image rundown and which don't exist in other operating systems, for example,
the common area buffer and user logicals.

They were both executable on VAX and Alpha but at least the common
area buffer was apparently made non-executable on Itanium and above.
I would hope the user logicals were as well, but I don't know that
for sure.

Hopefully, anything else user-writable which survives image rundown
will also be non-executable these days.

Simon.

-- 
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.


