Main Archive Page > Month Archives  > security-basics archives

Re: RE: considerations about exploits tricks

From: <opexoc_at_nospam>
Date: Thu Nov 08 2007 - 13:01:26 GMT
To: security-basics@securityfocus.com

('binary' encoding is not supported, stored as-is)
<<<-----CUT----->>>

So this is a functionality issue for a start. Many systems (eg Internet DNS) do not need the extended functionality provided by Java and other high level languages. In this case - there is a good case to disable code from running out of the data areas, stack and heap. On the other hand, Users want to browse the web etc and as such they want this added feature (ie no heap protection).

<<<-----CUT----->>>

I don't actually understand your last sentence: "Users want to browse the web etc and as such they want this added feature (ie no heap protection)."

So what they want to browse the web? Do you mean Java extension there?

opexoc

• This message: [ Message body ]
• Next message: Dustin Wilcox: "Re: Windows auditor"
• Previous message: ganesh mahadevan: "Fwd: Website\Tool listing version numbers of sec tools ?"
• Maybe in reply to: Craig Wright: "RE: considerations about exploits tricks"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]