Some quick thoughts on this subject regarding x86 architecture:

- I think we need to define better the term segment, because you also have
selectors in case of flat mode 
- secondly you can provide some protection mechanism using not only rings
but also memory pages and descriptor check, page directory check and page
check itself
- it's not only the problem of protecting memory areas but also what is a
privilege instruction - for example sidt or sldt opcodes used today for
identifying VMWare-alike environments
- accessing other ranges of memory like I/O ports 

Just my 2 cents...
Alex Czarnowski

Secure Coding mailing list (SC-L)
List information, subscriptions, etc -
List charter available at -

Reply via email to