At 22:52 10/31/2002 +0100, Ulrich Weigand wrote:
while an upwards-growing stack might make some attacks more difficult, you can find other types of attacks.
Absolutely true. And so I'd agree with you that stack direction didn't matter, except that the Standard C library includes some functions that are so open to this particular problem that it's pathetic (e.g. strcpy()).
While in theory applications should not depend on platform implementation issues like the direction of stack growth, in practice there are always some that break. (I think HPPA did go the upwards-growing stack way after all, and there have been quite a few problems surfacing ...)
True, and we've certainly seen a few bugs in Linux kernel modules that accidentally worked on Intel and didn't on S/390 because of the separate kernel and user address spaces. So that's a fair argument for conformity. Ross Patterson
