Hacker News new | past | comments | ask | show | jobs | submit login

> A funny thing is that a fully static LTO processed and inlined app is extremely hard to crack once ASLR is in play since you get no returns and get to mess only with what is inside.

How often does that actually happen? On macOS and Windows the answer should be "never" since the syscall ABI is not stable...




On both of these platforms, ABIs and APIs are stable until you get to drawing. Which means you should probably use real process separation for the GUI - it has to be linked dynamically.


No part of the Windows syscall ABI is stable on Windows. Not win32k, not core NTAPI. You need core NTAPI to send IPC messages.


It is stable in the terms of "actually didn't change in a way to break apps" not "guaranteed to be kept compatible".

Last time they did a major break there is in Windows 2000. I recommend reading up on how LPC works.

There have been extensions though. Such as very useful pico processes in Windows 10... Major extensions in Vista too, related to security and async operation.

I recommend j00ru's blog as a good starting point. And of course Windows Internals books.


> On macOS and Windows the answer should be "never" since the syscall ABI is not stable...

Dear Golang...


    #define WINAPI __stdcall
The windows API ABI is stable and unchanged for decades.


That has absolutely nothing to do with Windows syscall ABI.


The Windows API is. The NT syscall ABI is not.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: