Now that Go 1.1 is out with non executable heaps, I thought that some others might enjoy reading my write-up of a vulnerability in earlier versions of Go: http://codearcana.com/posts/2013/04/23/exploiting-a-go-binary.html
Would it be possible for someone to briefly describe some of the security features added with Go 1.1? I feel like the non-executable heaps was somewhat buried in the other updates (I couldn't find it in the release notes) and I feel like that was a pretty important step for Go.
--
You received this message because you are subscribed to the Google Groups "golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
On Wed, May 15, 2013 at 7:51 AM, Hans Stimer <hans....@gmail.com> wrote:No more work should be needed. The CL removing the executable heap
> Is a non-executable heap now turned on for all OS's that support the
> concept, or is there more work to be done to take advantage of this?
was https://codereview.appspot.com/7405045 .
Just discovered that Windows is still using executable heap even in Go 1.1.