Message 177077 - Python tracker

➜

This issue tracker has been migrated to GitHub , and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

In-reply-to
Author	christian.heimes
Recipients	christian.heimes
Date	2012年12月07日.10:23:00
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1354875781.46.0.686705865065.issue16632@psf.upfronthosting.co.za>

Content
Python 3.3 doesn't use address space layout randomization [1] and data execution prevention [2] on Windows. ASLR and DEP make certain kinds of attacks harder. An attacker can't predict the address of functions or globals anymore and DEP helps against NOP sled attacks. Python's test suite runs fine with DEP and ASLR on AMD64. I see a crash in test_capi and a couple of crashes in test_faulthandler but these don't seem to be related. [1] http://en.wikipedia.org/wiki/ASLR [2] http://en.wikipedia.org/wiki/Data_Execution_Prevention

Content

Python 3.3 doesn't use address space layout randomization [1] and data execution prevention [2] on Windows. ASLR and DEP make certain kinds of attacks harder. An attacker can't predict the address of functions or globals anymore and DEP helps against NOP sled attacks.
Python's test suite runs fine with DEP and ASLR on AMD64. I see a crash in test_capi and a couple of crashes in test_faulthandler but these don't seem to be related.
[1] http://en.wikipedia.org/wiki/ASLR
[2] http://en.wikipedia.org/wiki/Data_Execution_Prevention

History
Date	User	Action	Args
2012年12月07日 10:23:01	christian.heimes	set	recipients: + christian.heimes
2012年12月07日 10:23:01	christian.heimes	set	messageid: <1354875781.46.0.686705865065.issue16632@psf.upfronthosting.co.za>
2012年12月07日 10:23:01	christian.heimes	link	issue16632 messages
2012年12月07日 10:23:01	christian.heimes	create

homepage