
>and a whole class of possible security flaws just GoAway™.

Technically not true, they don't go away, they're just harder (and not that much harder) to exploit.



It changes a broad class of attack exploits to require return-oriented programming techniques to exploit. Are you seriously claiming that ROP isn't "that much harder" than injecting arbitrary code?


libc by itself provides a Turing-complete set of ROP gadgets: <http://www.cs.ncsu.edu/faculty/jiang/pubs/RAID11.pdf>.


First of all: thanks! I'm excited to read this!

Second of all: ugh! Dear HackerNews team, please fix your URL matching algorithm so it doesn't include <> in URLs; they're actually explicitly recommended by the URI RFC as delimiters.

Sincerely,

halosghost


Here's the original paper of this attack (AFAIK): http://cseweb.ucsd.edu/~hovav/dist/geometry.pdf

The other paper shows that this technique is Turing complete.

But yes, basically W^X is defeated.


>Are you seriously claiming that ROP isn't "that much harder" than injecting arbitrary code?

Yes I am.


I think you're using overly vague classes if you can't point to classes of attack that are flat-out blocked.



