sacrificing performance for confusion

Jeff Roberson jroberson at
Thu Jun 26 18:04:28 PDT 2003

On 26 Jun 2003, D. J. Bernstein wrote:

> > Using VMM protection to forbid code execution within the DATA, BSS, heap,
> > and stack (if one can) mitigates against a common class of problems--
> I don't believe you. Show me a real program that's (1) vulnerable if
> data/bss/heap/stack are executable and (2) invulnerable otherwise.
> Yes, attacks are often written to take advantage of executable stacks;
> but, in every case I've investigated, the programs would still have been
> vulnerable with non-executable stacks.

They would be vulnerable to a denial of service but not to any privilige
gaining exploit.

Please go spread FUD somewhere else.  We're not going to put all of your
sections in the same page.  Nobody cares.


More information about the freebsd-performance mailing list