----- Original Message -----
From: Glynn Clements <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Saturday, November 27, 1999 7:22 AM
Subject: Re: WordPad/riched20.dll buffer overflow
> Christopher Rhodes wrote:
>
> > I think one of the major problems with the Linux implementation, and
> > apparently windows too, is that noone pays attention to the added
security
> > provided by segmentation (at least to the point of putting the stack on
a
> > different segment?)
>
> Having separate non-overlapping stack and data segments causes a great
> many problems if you want to be able to write programs in C, given
> that a data pointer has to be able to record the address of any
> variable, regardless of whether it is static (data segment) or
> automatic (stack segment).
Looking through the source code some more, I see examples of this. It would
completely hose the portability of the source code too. It might be a good
exercise to get a copy of the Coriolis book, "Linux Core Kernel Commentary",
which has a bunch of these issues addressed, as well as a discussion of the
memory model problem in the back.
- Jason
