| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 19 Aug 2003 12:14:47 -0600 From: Theo de Raadt <deraadt@....openbsd.org> To: cwidmer@...c.ethz.ch Cc: bugtraq@...urityfocus.com, misc@....openbsd.org Subject: Re: Buffer overflow prevention > i don't care about other peoples war. but: > > > W^X was invented because we saw the need for it. We had no idea that > > anyone else was working in the same area. > > i think it is somewhat strange. there realy smart people start building > something before they do some research and look if someone else is > doing something similar? PAX was not really published in anything that I read. Compare it to stackghost, a usenix security paper, which we have put some effort at integrating. Our tact was to support it first on cpu's that had a proper X bit in their pte. Ie, sparc64 and alpha and such. Solving the problem on x86 was not on our radar until, lemme think, perhaps while we were eating curry during Usenix Monterey at that Irish pub.... As one of our developers said yesterday: <miod> more exactly, we heard of pax when they started bitching
Powered by blists - more mailing lists