undefined | Better HN

0 pointsgok7y ago0 comments

https://www.jaybosamiya.com/blog/2019/01/02/krautflare/

0 comments

Which didn't need RWX by using ROP chains instead...?

The security vulnerability there was that the process had the ability to invoke shell at all, not how they got to invoking shell. In-process sandboxing isn't a thing anymore, spectre proved that. In that context what risk does RWX actually pose?

j / k navigate · click thread line to collapse

0 pointsgok7y ago0 comments

https://www.jaybosamiya.com/blog/2019/01/02/krautflare/

0 comments

kllrnohj7y ago

Which didn't need RWX by using ROP chains instead...?

The security vulnerability there was that the process had the ability to invoke shell at all, not how they got to invoking shell. In-process sandboxing isn't a thing anymore, spectre proved that. In that context what risk does RWX actually pose?

j / k navigate · click thread line to collapse