Content deleted Content added
attacks; OpenBSD W^X |
m explain what W^X means |
||
Line 7:
Self-modifying code was used to hide copy protection instructions in [[1980s]] [[MS-DOS]] based games. The [[floppy disk]] drive access instruction '[[interrupt|int]] 0x13' would not appear in the executable program's image but it would be written into the executable's memory image after the program started executing. Self-modifying code is also sometimes used by programs that do not want to reveal their presence -- such as [[computer virus]]es and some [[shellcode]]s. Modifying a piece of running code is also used in certain attacks, such as [[buffer overflow]]s.
Because of the security implications of self-modifying code, some [[operating system]]s go to lengths to rule it out. Recent versions of [[OpenBSD]], for instance, have a feature known as W^X (for "write [[xor]] execute", meaning a program can only write, or execute, ''but not both'') which inhibits alteration of memory pages which harbor executable code. Programs which depend upon rewriting their own machine code cannot execute in such an environment.
==Example algorithm (theoretical!)==
| |||