[la_barba]

You can prevent that by using the NX or the XD bit. Its a CPU feature and I believe the support was added over 15 years ago in most popular OSs. Here's the commit for Linux https://git.kernel.org/pub/scm/linux/kernel/git/history/hist...

>It's also pointless. If a program can cause damage by loading harmful code it can also cause damage directly.

It is not pointless, but it is also not perfect. That's why we have defense in depth. Where instead of having one perfect moat to protect the castle, you also have alligators and witches that turn people into frogs. :P

[anoncake]

The OS can prevent it, but can it do so without making JIT impossible?

[andrekandre]

well, if you can’t make pages executable you can “just in time” it by interpreting and writing it to an optimized interpreter format i suppose (but it will be much slower)... as an example, see WKWebView vs UIWebView (from iOS)

[anoncake]

You can do that but slow JIT kind of misses the point.