Re: Alternative security measures
I get your point that more complex programs have likely larger stack requirements; I’ve never been involved on something that size, so I haven’t seen the problems.
One answer is to separate stack into return-address and data, and keep return address only in dedIcated onboard. “Surely” that can’t overrun.
I still think that our general problem is that we have sized our compute infrastructure on “must be able to do everything” rather than “securely compute typical things, and refactor our previously unconstrained solutions”.
I don’t have all the answers, not surprisingly....like how to enforce code/data separation for interpreted code like Java