[Python-ideas] Executable space protection: NX bit,
Wes Turner
wes.turner at gmail.com
Mon Sep 3 22:32:43 EDT 2018
On Monday, September 3, 2018, Cameron Simpson <cs at cskk.id.au> wrote:
> On 03Sep2018 20:58, Wes Turner <wes.turner at gmail.com> wrote:
>
>> So, if an application accepts user-supplied input (such as a JSON
>> payload),
>> is that data marked as non-executable?
>>
>
> Unless you've hacked the JSON decoder (I think you can supply a custom
> decoder for some things) all you're doing to get back is ints, strs, dicts
> and lists. And floats. None of those is executable.
Can another process or exploitable C extension JMP to that data or no?
>
> Cheers,
> Cameron Simpson <cs at cskk.id.au>
> _______________________________________________
> Python-ideas mailing list
> Python-ideas at python.org
> https://mail.python.org/mailman/listinfo/python-ideas
> Code of Conduct: http://python.org/psf/codeofconduct/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-ideas/attachments/20180903/8b5a3292/attachment.html>
More information about the Python-ideas
mailing list