On Sun, Feb 22, 2009 at 12:10 PM, Greg Ewing <greg.ew...@canterbury.ac.nz> wrote: >> Tav is interested in using this on app engine, which doesn't care >> about segfaults -- the process is simply restarted, nobody gains >> access to information they shouldn't have. App engine does care about >> overwriting memory, > > That doesn't make sense -- how can something not care > about segfaults, but care about memory overwriting? > If something is capable of causing a segfault, you > can't be sure it won't just corrupt memory in some > way that doesn't segfault but causes some other > problem.
To be more precise, we don't care about crashes caused by NULL pointer dereferencing. Most of the demonstrated crashers work by causing a NULL pointer dereference. Since that crashes immediately, there is no possibility for a further exploit. -- --Guido van Rossum (home page: http://www.python.org/~guido/) _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
