torginus 3 hours ago
Thank god, finally someone said it. I don't know the first thing about cybersecurity, but in my experience all these sandbox-break RCEs involve a step of hijacking the control flow. There were attempts to prevent various flavors of this, but imo, as long as dynamic branches exist in some form, like dlsym(), function pointers, or vtables, we will not be rid of this class of exploit entirely. The latter one is the most concerning, as this kind of dynamic branching is the bread and butter of OOP languages; I'm not even sure you could write a nontrivial C++ program without it. Maybe Rust would be a help here? Could one practically write a large Rust program without any sort of branch to dynamic addresses? Static linking and compile-time polymorphism only?
tptacek 2 hours ago | parent
Everybody has been saying this for the last 15 years.