Of course, with a memory-safe language, W^X is not a needed mitigation. With runtime compilation, it is, as illustrated here, even in the way. https://twitter.com/TheMichaelBurge/status/978381073506643968 …
andreasdotorg Retweeted halvarflake
MitiGator to the rescue! https://twitter.com/halvarflake/status/845946208690585600?s=09 …
In fact, I'm outraged at the suggestion W^X is of any use here. There's an entry point to EVAL in this process that one can conveniently return into. Chain it up with a call to READ, and bingo, platform independent sploit payload.
Replying to @andreasdotorg
Almost 8 years later: https://forums.grsecurity.net/viewtopic.php?f=7&t=2521 … How close are we now to your solution of having everything rewritten in a memory-safe language? ;)
Also, let me highlight that HyperV is written in Verified C.