Anyone protecting the stack?

David Rhodus drhodus at catpa.com
Thu Sep 18 20:41:25 PDT 2003


On Thursday, September 18, 2003, at 09:28 PM, Bill Huey (hui) wrote:

On Thu, Sep 18, 2003 at 06:15:12PM -0700, Kip Macy wrote:
Anything doing dynamic translation is going to need to generate and
execute code outside of its code segment. I don't know this for sure,
but probably even VMWare does this as there are a number of privileged
x86 instructions that don't trap. I would probably just make it
controlled by a securelevel or sysctl. How many people want to run 
java
on a locked down machine? Those select few could just disable it at
kernel configure time.
Java is a pretty secure inside the VM core itself. It's when you start
Actually most vendors push that statement, but in reality that has been
proven to be a false statement.





More information about the Kernel mailing list