Joanna Rutkowska · Oct 1, 2016 · 5:08 PM UTC

Joanna Rutkowska @rootkovska

1 Oct 2016

Totally unrealistic. Think: "do you want to install this program? Yes/No?" Security is more than memory corruption exploits prevention...

PaX Team @paxteam

1 Oct 2016

the whole point of PaX is that you *can* click any OK button without getting owned. not there yet but close :).

PaX Team · Oct 1, 2016 · 5:15 PM UTC

PaX Team @paxteam

1 Oct 2016

and PaX is more than memory corruption prevention. think grsec, sandboxes, etc. it's just not me who does all the work ;).

Joanna Rutkowska · Oct 1, 2016 · 5:17 PM UTC

Joanna Rutkowska @rootkovska

1 Oct 2016

Do you really think you can solve the "user can click anything" problem, while still offering general purpose computing?

PaX Team · Oct 1, 2016 · 5:28 PM UTC

PaX Team @paxteam

1 Oct 2016

sure, that's the whole raison d'etre of my work.

Evil X · Oct 1, 2016 · 5:48 PM UTC

Evil X @Evil_X_

1 Oct 2016

kernel hardening is mandatory but at one point you need userspace work too

PaX Team · Oct 1, 2016 · 6:13 PM UTC

PaX Team · Oct 1, 2016 · 6:13 PM UTC

PaX Team @paxteam

1 Oct 2016

size overflow, RAP, etc work in userland too and we're not done yet ;).

Oct 1, 2016 · 6:13 PM UTC