Hacker News new | past | comments | ask | show | jobs | submit login

It actually makes a lot of sense. Preventing pages from being executable makes exploitation so so so much harder... Because you will need to do ROP (Return oriented programming) and Apple is quite good at ASLR (Address space layour randomization).. It also means that malware can't just load external code from a C&C server etc.. And yes, it sucks that all this means that one can't JIT.

Edit: Allowing executable pages would also break mandatory code signing.




You'll have to do ROP to get the app to make your data executable anyway. Is it really that much easier?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: