Actually, modern architectures (at least in real operating systems like Linux and BSD (Mac)) let you designate pages as (execute-only) code, read-only data, and read-write data. Most of the problems come up because the stack is used for both data and return addresses, and while return addresses are data, they _point to_ code.
There are two possible fixes: separate return and data stacks, which I haven't seen used in decades, or keeping writable data out of the stack. That happens naturally with functional programming, because data in functional programs are immutable. A partial fix to make ROP more difficult is to scramble modules in a program at load time, making it hard to predict where the attacker needs to point the modified return address.
no subject
Date: 2018-11-16 05:30 pm (UTC)
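An added example, not part of the comment above: a small C audit of the page-permission split the comment describes, reading lines in the Linux `/proc/<pid>/maps` format and flagging any mapping that is writable and executable at once, plus an executable stack. The sample lines and the names `parse_maps_line` and `audit_maps` are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
struct mapping {
    unsigned long long start, end;
    char perms[5];   /* e.g. "r-xp" */
    char path[128];  /* empty for anonymous mappings */
};

/* Constructed sample in /proc/<pid>/maps format, not from a real process. */
static const char SAMPLE_MAPS[] =
    "00400000-00452000 r-xp 00000000 08:02 173521 /usr/bin/demo\n"
    "00651000-00652000 r--p 00051000 08:02 173521 /usr/bin/demo\n"
    "00652000-00655000 rw-p 00052000 08:02 173521 /usr/bin/demo\n"
    "7f2c1a000000-7f2c1a021000 rwxp 00000000 00:00 0 \n"
    "7ffd3c5e1000-7ffd3c602000 rw-p 00000000 00:00 0 [stack]\n";

/* Parses one maps line; returns 1 on success, 0 if the line is malformed. */
int parse_maps_line(const char *line, struct mapping *m) {
    memset(m, 0, sizeof *m);
    int n = sscanf(line, "%llx-%llx %4s %*s %*s %*s %127s",
                   &m->start, &m->end, m->perms, m->path);
    return n >= 3;   /* the path field is optional */
}

/* Returns the count of W+X mappings; *stack_exec is 1 if [stack] is executable. */
int audit_maps(const char *text, int *stack_exec) {
    int violations = 0;
    char line[256];
    *stack_exec = 0;
    while (*text) {
        size_t len = strcspn(text, "\n");
        size_t copy = len < sizeof line - 1 ? len : sizeof line - 1;
        memcpy(line, text, copy);
        line[copy] = '\0';
        text += len + (text[len] == '\n');
        struct mapping m;
        if (!parse_maps_line(line, &m)) continue;
        int w = m.perms[1] == 'w', x = m.perms[2] == 'x';
        if (w && x) violations++;                       /* writable code page */
        if (x && strcmp(m.path, "[stack]") == 0) *stack_exec = 1;
    }
    return violations;
}

int main(void) {
    int se, v = audit_maps(SAMPLE_MAPS, &se);
    printf("W+X mappings: %d, executable stack: %s\n", v, se ? "yes" : "no");
    return 0;
}
```

To audit a live process, read `/proc/<pid>/maps` into a buffer and pass it to `audit_maps` in place of the sample.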