On Sat, 25 Aug 2007, Ken Kousky wrote:
I'm trying to understand how the vm actually prevents the buffer overflow from injecting code that has direct hardware control? It seems that the code injected into memory should be truly "arbitrary code" based on the physical machine.
First off, you need to understand what a buffer overflow is -- in most cases it's not an attack on the hardware, it's an attack on the process. Which is usually running in its own protected address space. In short, vms don't alleviate or protect you from buffer overflows (crap code is still crap inside of a guest), but running a service in a dedicated vm versus on a host with other concurrent services reduces the information leakage should the service be subverted. That's all. --Arthur Corliss Live Free or Die
