Extended Type Design.

Frits van Bommel fvbommel at REMwOVExCAPSs.nl
Fri Mar 16 16:27:15 PDT 2007


Sean Kelly wrote:
> Frits van Bommel wrote:
>> Walter Bright wrote:
[snip]
>>> 'readonly' means the data went into ROM. Also, marking a page in a 
>>> virtual memory system as 'readonly' means that nobody can modify it.
[snip]
>>
>> Oh, and on x86 (and amd64) processors the operating system is allowed 
>> to write to 'readonly'[1] pages unless it sets the WP (Write-Protect) 
>> bit in system register CR0. Note: as this bit is *off* by default, it 
>> needs to be explicitly turned on by the OS.
> 
> So *that's* why Win32 doesn't complain when constant data is modified 
> and pretty much every other OS does.  Good to know.

No, I don't think so. The 'WP' bit only applies to kernel-level (ring 
0-2) code. Ring 3 code (i.e. normal user-level code) can never write 
into "readonly" pages. The only explanation I can think of for Win32 
allowing writes into a program's read-only data is that the pages aren't 
marked "readonly" at all for some reason.

Unless of course user-level code is run somewhere in ring 0-2, but I 
don't think even Windows would do something so stupidly insecure: that 
would allow user-level code to read and write anywhere in kernel space, 
barring segment limits.

(I didn't say Microsoft instead of Windows above, since Microsoft's 
research division is experimenting with a .NET based OS that *does* run 
everything in ring 0. However, that uses a different mechanism to ensure 
safety: programs are checked for type-safety before being allowed to 
run. That's not really feasible for traditional machine-code based OSs 
though...)



More information about the Digitalmars-d mailing list