[cap-talk] Avoid overconfidence (was: Any hope in RSA 2008?)
Eric Northup
Eric.Northup at microsoft.com
Sat Apr 5 19:51:37 CDT 2008
On Saturday, April 05, 2008, Pierre THIERRY wrote:
> Scribit Eric Northup dies 05/04/2008 hora 14:51:
> > The transmitting-data-over-a-read-only-Segment capability flaw was
> > fairly straightforward to attack.
>
> Was that hard to fix?
The minimal fix was a one-liner. I believe I attached a patch along with the initial report.
It was a bit ugly, though, because it caused the definition of a valid address space to become platform-dependent (not just architecture-dependent -- it would end up changing for each of the various flavors of x86 page tables, for example).
-Eric
More information about the cap-talk
mailing list