Linked by Amjith Ramanujam on Mon 11th Aug 2008 16:13 UTC, submitted by gonzo
Ars Technica has analyzed Vista's recently publicized security flaws. "Unfortunate, yes, but not, as was reported in the immediate aftermath of the presentation, evidence that Vista's security is useless, nor does this work constitute a major security issue. And it's not game over, either. Sensationalism sells, and there's no news like bad news, but sometimes, particularly when covering security issues, it would be nice to see accuracy and level-headedness instead. ... Furthermore, these attacks are specifically on the buffer overflow protections; they do not circumvent the IE Protected Mode sandbox, nor Vista's (in)famous UAC restrictions."
RE[5]: Comment by Soulbender
by kerframil on Tue 12th Aug 2008 22:28 UTC in reply to "RE[4]: Comment by Soulbender"
kerframil Member since: 2005-07-13

> However, the parent stated that neither Linux nor Mac had memory
> protections. I know enough to see this is incorrect - so the fact you
> may know more than me doesn't make my point any less valid.

In that case I apologise as I hadn't realised the context of your comment. The parent would be incorrect to say so (although I cannot speak for Mac OS X) and indeed, to counter that is absolutely valid.

The part I was really concerned about was the assertion that Linux had had address space randomization for a "long time" and the closing remark. This led me to believe that perhaps your view of the situation with Linux was somewhat rose-tinted ;)

For the record, the main reason for my response was to sound a cautionary note. Yes, there are some excellent hardening technologies - maybe even best-of-breed - that can be used in conjunction with Linux (see below). However, they are not mainstream and, where they are adopted by the well-known distros or in the mainline kernel itself, they seem to be implemented only partially or sub-optimally. That said, the situation is improving, albeit slowly.

> Honest question: will Vista's NX protection work without NX
> being present in hardware?

Well, sort of. The term DEP is a little misleading in this case as it does not offer the W^X memory protection that hardware-enforced DEP does. What it does do is to offer a form of stack protection via SAFESEH (Safe Structure Exception Handling). As I understand it, Microsoft's C++ compiler supports a /SAFESEH flag which, where the x86 architecture is concerned, instructs the linker to integrate a table of safe exception handlers into the header of the application binary. Of course, only applications that are built in this manner will benefit from this protection (which touches again on the interesting matter of some hardening technologies requiring co-operation over in userland). There is an interesting paper about it here:

http://www.nextgenss.com/papers/defeating-w2k3-stack-protection.pdf

Going back to the topic of W^X memory protection, note that both PaX and Exec Shield helpfully support the emulation of a NX bit in software on x86 so that, where a hardware NX bit is not available, there need be no impact on the level of security provided. PaX itself supports two different schemes, one of which entails a performance tradeoff (PAGEEXEC) and the other of which entails a memory tradeoff (SEGMEXEC). For anyone interested, there is an old-but-still-relevant article about it here:

http://www.pjvenda.org/linux/doc/pax-performance/

EDIT: changed "was incorrect" to "would be incorrect" so as to avoid any potential misunderstanding of what the aforementioned parent had intended to say

Edited 2008-08-12 22:44 UTC

Score: 1
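The W^X property discussed in the comment above (no mapping that is both writable and executable) can be checked from userland on Linux by reading `/proc/<pid>/maps`. The following is an added example, not part of the original thread: the function names and the sample mappings are constructed for illustration.

```python
"""Audit Linux /proc/<pid>/maps text for W^X violations (writable AND executable)."""
import re
import sys

# Fields: address range, perms, offset, dev, inode, optional pathname.
MAPS_LINE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+([r-][w-][x-][ps])\s+[0-9a-f]+\s+\S+\s+\d+\s*(.*)$"
)

# Constructed sample, not captured from a real process.
SAMPLE_MAPS = """\
08048000-08052000 r-xp 00000000 08:01 131 /usr/bin/demo
08052000-08053000 rw-p 0000a000 08:01 131 /usr/bin/demo
09a3c000-09a5d000 rwxp 00000000 00:00 0 [heap]
b7f10000-b7f11000 rwxp 00000000 00:00 0
bfd6e000-bfd83000 rwxp 00000000 00:00 0 [stack]
"""


def wx_violations(maps_text):
    """Return (start, end, perms, name) for every mapping that is both W and X."""
    found = []
    for line in maps_text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if not m:
            continue  # skip blank or unparseable lines
        start, end, perms, name = m.groups()
        if "w" in perms and "x" in perms:
            found.append((int(start, 16), int(end, 16), perms, name or "[anon]"))
    return found


def executable_stack(maps_text):
    """True if the [stack] mapping is among the W+X violations."""
    return any(name == "[stack]" for _, _, _, name in wx_violations(maps_text))


if __name__ == "__main__":
    # Usage: script.py /proc/<pid>/maps  (falls back to the constructed sample)
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            text = fh.read()
    else:
        text = SAMPLE_MAPS
    for start, end, perms, name in wx_violations(text):
        print(f"{start:08x}-{end:08x} {perms} {name} ({(end - start) // 1024} KiB)")
```
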

StaubSaugerNZ Member since: 2007-07-13

Thank you for taking the time to explain the details further.

I agree with you. Like most things in Linux, you can get a really good solution to the problem - but only if you know what you are doing and expend effort. Unfortunately most of us have limited time and expertise, but it is not to say it can't be done.

Credit where credit is due, Vista certainly is an improvement for the "Average Joe" that involves no effort on their part.

Score: 2