[Python-ideas] Executable space protection: NX bit,

Cameron Simpson cs at cskk.id.au
Mon Sep 3 23:26:48 EDT 2018

On 03Sep2018 22:32, Wes Turner <wes.turner at gmail.com> wrote:
>On Monday, September 3, 2018, Cameron Simpson <cs at cskk.id.au> wrote:
>> On 03Sep2018 20:58, Wes Turner <wes.turner at gmail.com> wrote:
>>> So, if an application accepts user-supplied input (such as a JSON
>>> payload),
>>> is that data marked as non-executable?
>> Unless you've hacked the JSON decoder (I think you can supply a custom
>> decoder for some things) all you're doing to get back is ints, strs, dicts
>> and lists.  And floats. None of those is executable.
>Can another process or exploitable C extension JMP to that data or no?

See Stephan Houben's reply to your post: heap and stack on modern OSes are 
normally NX mode already, and CPython objects live on the stack. So in that 
circumstance, no.

Cameron Simpson <cs at cskk.id.au>

More information about the Python-ideas mailing list