Date: Tue, 17 Nov 2015 17:11:39 -0500 From: Rich Felker <dalias@...c.org> To: oss-security@...ts.openwall.com Subject: Re: Re: Fwd: x86 ROP mitigation On Tue, Nov 17, 2015 at 01:52:07PM -0500, Daniel Micay wrote: > Is that really the right approach vs. preventing hijacking of flow > control via return pointers and function pointers? It doesn't really > seem like there's an end game in mind where it actually prevents ROP > rather than just removing many useful gadgets. Making useful ROP gadgets > harder to find doesn't mean much, since tools are used to find them and > the tools can be improved if it becomes necessary. > > i.e. why not just go with something like PaX's RAP My understanding is that it's not ABI-compatible with non-RAP code, so you'd essentially be going with a whole new ABI. If so, this is going to be completely impractical for most users. Am I mistaken? Rich
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ