swarm-support

Re: gcc puts executable code on the stack frame


From: Marcus G. Daniels
Subject: Re: gcc puts executable code on the stack frame
Date: 25 May 1999 10:00:35 -0700
User-agent: Gnus/5.070084 (Pterodactyl Gnus v0.84) Emacs/20.3.9

>>>>> "GP" == Gary Polhill <address@hidden> writes:

GP> Is the problem due to Swarm in any way?

Swarm uses a GCC feature called nested functions, or closures.
Closures capture the variable context during the definition of a function
and allow you to pass around that function using your own parameterization.

GP> What is the security risk associated with putting executable code
GP> on the stack? (I.e. what sort of attacks might we be exposing
GP> ourselves to by running programs compiled with gcc?)

If a program runs as root as a daemon or a utility is installed SUID
root (Swarm programs are not), it can be possible to intentionally
overrun buffers in such a way that the control flow of the privileged
program changes, and the clever user gets the root privilege of their
choosing. 

But there is no direct way for a user to simply compile a program and
get root from that program.  The weakness must exist in a daemon or
system utility (or the system library used by the daemon or system
utility) for an injected satanic message to do its thing.

So, the sysadmin removing execute permissions on the stack is either
prudent or cowardly & naïve, depending on how you look at such things. 
Personally, I'd be offended.  ;-)

GP> Other than things people jump up and down on for fun, what the
GP> hell are trampolines?

It's a way to point a nested function at the variable frame from which
it originated.

                  ==================================
   Swarm-Support is for discussion of the technical details of the day
   to day usage of Swarm.  For list administration needs (esp.
   [un]subscribing), please send a message to <address@hidden>
   with "help" in the body of the message.
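
The nested-function and trampoline mechanism discussed in the message above, as an added example that is not part of the original post or of Swarm's code. It assumes GCC on Linux with its default stack-based trampolines; the function names and the sample array are constructed for illustration.

```c
/* Added example: a GCC nested function and the trampoline behind it.
   Nested functions are a GNU C extension, not ISO C; build with gcc. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef int (*pred_fn)(int);

/* An ordinary callback consumer: it receives a bare code address and has
   no parameter through which the caller's context could be passed. */
static size_t count_if(const int *v, size_t n, pred_fn pred)
{
    size_t hits = 0;
    for (size_t i = 0; i < n; i++)
        if (pred(v[i]))
            hits++;
    return hits;
}

/* 'above' reads 'threshold' from the enclosing frame. Taking its address
   makes GCC build a trampoline in this frame: a few instructions that
   load the frame address and jump to the real code of 'above'. */
size_t count_above(const int *v, size_t n, int threshold)
{
    int above(int x) { return x > threshold; }
    return count_if(v, n, above);
}

/* Returns 1 when the pointer for a nested function lies close to a local
   variable, i.e. the address being called is stack memory. */
int trampoline_is_on_stack(void)
{
    volatile int local = 0;
    int nested(int x) { return x + local; }
    pred_fn fp = nested;
    uintptr_t code = (uintptr_t)fp, frame = (uintptr_t)&local;
    uintptr_t gap = code > frame ? code - frame : frame - code;
    return gap < 65536 && fp(1) == 1;
}

int main(void)
{
    const int sample[] = { 3, 9, 12, 7, 20 };   /* constructed input */
    printf("above 8: %zu\n", count_above(sample, 5, 8));
    printf("trampoline on stack: %d\n", trampoline_is_on_stack());
    return 0;
}
```

Because the call through the pointer executes instructions stored in the stack frame, a program built this way stops working when the stack is made non-executable. On a GNU/Linux toolchain, `readelf -lW` on the resulting binary is expected to show the GNU_STACK segment flagged RWE.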


