It would break everything. Nowdays, Linux (and most OSes afaik) uses a
'flat' memory modell, well at least from the point of view of a process.
This will cause that you can address any part of process memory with a
single offset (it's another question that paging may deny some access). If
you create costum separated segments (with the right limit) for stack, code
and data, you won't address the address space of the process with a single
offset. You will also need segment registers to choose the right selector
which points to the descriptor table. Imho this would break almost anything.
And more: buffer overrun exploits WON'T BE eliminated entirely: let's
inmagine, that you have a char p[40]. If you don't check the data size eg
read to that place it will overwrite memory areas after p. Well, writing a
buffer overrun exploit may be harder but it would not be impossible. By the
way, non-executable stack kernel patches (like Solar Designer's one) made
the stack non-executable too, but that is not a whole solution as well, of
course (and see the problems of that kind of patches, eg gcc trampolines -
or whatever, I can't remember - and so on).
- Gabor
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/