The way I understand it, eliminating the use of executable code in the stack
would not make it necessarily harder to exploit, but just requires the
exploiter to use a different method. Changing the way the stack works would
cause some script writers to have to rewrite their scripts, and all the
script kiddies would be confused for a couple months. In a way, that's
similar to bacteria adapting to a restrictive environment: the exploits
would all eventually be changed to use a different method of taking
advantage of bad code.

In addition, not having exploitable code in the stack could cause
programmers to gain a false sense of security, and not keep track of
possible stack overrun exploits, thinking that since the stack is
non-executable, the attacker cannot exploit it. (Programmers are lazy
folk.) It was mentioned that Linus uses this as a reason not to make the
stack non-executable - he doesn't want to encourage bad code-writing. If
the change is made so that the stack is non-executable, then we could have a
situation where you will end up in worse shape than if you had done nothing,
because people could be writing less secure code. So the analogy with the
antibiotics is fairly accurate, even up to the case where overuse of
antibiotics (i.e. the adoption of a non-executable stack) could cause more
harm than good.

I don't know too much of the advantages of having an executable code stack,
but I have some vague recollections of a CS professor of mine at one time
considering it to be a good thing. I'm not sure, though...I never paid
attention in class. (Paying attention is hard work. I'm lazy, too.)

I'm not going into the whole comparison of severity thing in the analogy,
because I tend to go into mourning when my computer crashes, and as such, my
views may be twisted.

Enough rambling. All this to support the use of an analogy. Blah.

-Jamie

Jerry Eckert wrote:
> Benjamin Scott wrote:
> >
> > Oh, get a grip. The *analogy* works. It is comparing *methods*, not
> > *severity*. Nobody is suggesting crashed computers are the same as dead
> > people!
> >
> > (I hate people who argue against the analogy while missing the point of it
> > in the first place....)
>
> And I hate it when people make incorrect assumptions about what I do or
> don't get...
>
> In the software case at a minimum you eliminate some exploits and, at a
> minimum, buy some time until someone figures out how to exploit the new
> environment. I'm not a Unix programmer, but from the description
> I read it
> looks like it would be harder to exploit a buffer overrun to penetrate a
> system (as opposed to crashing an application or the system) with a
> non-executable stack than with an executable stack. If that is the case
> then you've gained something, even if there are still holes. And if it
> isn't the case, you're still no worse off than if nothing had been done.
>
> The reason the situation with the antibiotics is different is that you
> eventually do end up in worse shape than if you had done nothing. Infections
> that could have otherwise been successfully treated now can't be, resulting
> in more severe illness or loss of life.
>
> Jerry