A common OS-level security protection makes application pro- gram code execute-o

Question

A common OS-level security protection makes application pro-
gram code execute-only and program data read/write-only.
(a) Why are these access control protections useful? Explain the types
of attacks that these protections defend against.
(b) Is this protection always suitable? Can we impose these access control
restrictions on every application? Explain your answer.
(c) Operating systems provide system calls, like mprotect, that allow
applications to change the permissions on their memory pages. Ex-
plain why this does or does not defeat the security of the memory
page access control restrictions.

Explanation / Answer

By changing the permissions on their memory pages, the code can be accessed easily and changed. It defeats the security of memory page access control restricts. The data can be modified and the code can be easily change if the permissions are changed on memory access. some memory pages are marked as non-executable data segments It prevents data bieng intererpreted and executed. By changing permissions at memory pages, gives a chance for the users to exploit code, inject it and executed.

Related Questions

Navigate

• Browse (All)
• Browse A
• Subjects

---

---

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.