security - Runtime stack should not be executable -
i'm reading security in embedded systems,and came on statement: "the web browser’s runtime stack should not executable.". aware of stack is, , how works, i'm having hard time understanding not being executable means. mean should not able change stack @ runtime, or something?
for von neumann architecture (the common today), programs , data stored in same memory. so, there has distionction of program , data. moreover, without control of executed, many programs can malicious jobs. 1 way prevent malicious programs doing bad things is, @ execution of program, load code in read only, executable memory region , use stack writable memory region cannot executed.
there thing called program counter points current instruction being executed. program may change value point stack , execute malitious instructions there, can recieved on network, example, givin access unauthorized person machine.
also, in linux operating system, there permission system allows specify whether file can executed or not , persons.
this thread: linux process memory scheme has pretty explicit image of how memory of process organised. text section, contains code, executabile (this means program counter can point memory cell in region).
Comments
Post a Comment