31 July 2015, 19:41   #121
Mrs Beanbag
Glastonbridge Software
Join Date: Jan 2012
Location: Edinburgh/Scotland
Posts: 2,202
Originally Posted by meynaf
How does it do that? Well, do you remember the last time you got some malware? Perhaps you can study it to find out.
It was because of a bug in the SSH server. It wasn't because memory protection failed, it was because something let it in. Also we hadn't been keeping that computer up to date with security updates, which was very foolish.

If the user can format his hard drive, then malicious code also can?
If not, why would turning memory protection off be allowed for malicious code for the sole reason that the user is allowed to do so?
Formatting the hard drive requires admin privileges. If malicious code could get admin privileges, it could do it. You can get to admin privileges from user mode through the user authentication system (i.e. password prompt). Whether it is wise to allow admin privilege to format the hard drive we could discuss. But what you are asking for is Kernel privilege, which is altogether a different kettle of fish.

What would prevent hackers from signing their code too?
They wouldn't have your private key.

Having a system that can work without memory protection means that it can work without an MMU, which, you have to admit, is:
1. Absolutely mandatory for memory protection,
2. Quite costly to implement in a soft core, which seems the only option we have now.
Killing that ability for "security" doesn't sound clever to me.
Indeed, existing MMUs are very complex, but they need not be... consider my earlier suggestion of an MMU that doesn't remap memory pagewise, but only protects it. You would only need a bit mask. Other simple schemes might also be possible.
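An added example, not part of the original post and not code from any of the participants: a C model of the protect-only bit mask idea from the last paragraph, where addresses are never remapped and each access is only checked against one permission bit per page. The 4 KiB page size, the 1 MiB memory size and the names `prot_mask`, `prot_grant` and `prot_check` are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed parameters (not from the post): 4 KiB pages, 1 MiB of memory. */
#define PAGE_SHIFT 12u
#define NUM_PAGES  256u
#define MEM_SIZE   ((uint32_t)NUM_PAGES << PAGE_SHIFT)

/* One bit per physical page: 1 = the running task may touch that page.
 * There is no translation table; an address is used exactly as issued. */
typedef struct { uint32_t allow[NUM_PAGES / 32]; } prot_mask;

/* Compute the pages covered by [addr, addr+len). Rejects empty ranges,
 * ranges past the end of memory, and addr+len wraparound. */
static bool page_span(uint32_t addr, uint32_t len, uint32_t *first, uint32_t *last)
{
    if (len == 0 || addr >= MEM_SIZE || len > MEM_SIZE - addr)
        return false;
    *first = addr >> PAGE_SHIFT;
    *last  = (addr + len - 1) >> PAGE_SHIFT;
    return true;
}

/* Privileged side: open every page that overlaps the range. */
bool prot_grant(prot_mask *m, uint32_t addr, uint32_t len)
{
    uint32_t first, last;
    if (!page_span(addr, len, &first, &last)) return false;
    for (uint32_t p = first; p <= last; p++)
        m->allow[p / 32] |= 1u << (p % 32);
    return true;
}

/* The check made on each access: every page touched must have its bit set. */
bool prot_check(const prot_mask *m, uint32_t addr, uint32_t len)
{
    uint32_t first, last;
    if (!page_span(addr, len, &first, &last)) return false;
    for (uint32_t p = first; p <= last; p++)
        if (!(m->allow[p / 32] & (1u << (p % 32)))) return false;
    return true;
}

int main(void)
{
    prot_mask m = {{0}};
    prot_grant(&m, 0x3010, 0x20);   /* constructed sample: a 32-byte buffer */
    printf("inside page: %d, straddling next page: %d\n",
           prot_check(&m, 0x3ff0, 0x10), prot_check(&m, 0x3ffc, 8));
    return 0;
}
```

Protection in this model is only as fine as the page size: granting a 32-byte buffer opens the whole 4 KiB page that contains it.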