comex · Jun 21, 2017 · 3:43 AM UTC

comex @comex

21 Jun 2017

if I read between the lines of this @grsecurity post… PaX doesn’t have userland stack proving and thus isn’t immune, despite claim @ start?

PaX Team · Jun 21, 2017 · 11:01 AM UTC

PaX Team @paxteam

21 Jun 2017

what probing do you mean? the kernel doesn't do anything like that, it enforces a heap-stack gap instead (in PaX since 2010AD).

comex · Jun 21, 2017 · 7:40 PM UTC

comex @comex

21 Jun 2017

how large a gap?

PaX Team · Jun 21, 2017 · 8:47 PM UTC

PaX Team @paxteam

21 Jun 2017

it's in the advisory, did you read it? ;)

comex · Jun 21, 2017 · 8:50 PM UTC

comex @comex

21 Jun 2017

i see, 64kb. i suppose it’s the best you can do from the kernel, but the problem is thinking that the problem should be solved in the kernel

comex · Jun 21, 2017 · 8:50 PM UTC

comex @comex

21 Jun 2017

and then claiming it is solved when it’s not :)

PaX Team · Jun 21, 2017 · 9:03 PM UTC

PaX Team · Jun 21, 2017 · 9:03 PM UTC

PaX Team @paxteam

21 Jun 2017

if you read further a bit you'll see how we're saved by our vision of having a coherent set of defenses.

Jun 21, 2017 · 9:03 PM UTC