From owner-freebsd-security@FreeBSD.ORG Sat Oct 29 13:15:23 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2EC9416A41F for ; Sat, 29 Oct 2005 13:15:23 +0000 (GMT) (envelope-from jimmy@inet-solutions.be) Received: from hoboe1bl1.telenet-ops.be (hoboe1bl1.telenet-ops.be [195.130.137.72]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7A09943D49 for ; Sat, 29 Oct 2005 13:15:22 +0000 (GMT) (envelope-from jimmy@inet-solutions.be) Received: from localhost (localhost.localdomain [127.0.0.1]) by hoboe1bl1.telenet-ops.be (Postfix) with SMTP id 10F1B38160; Sat, 29 Oct 2005 15:15:21 +0200 (CEST) Received: from intranet.devbox.be (d54C304FE.access.telenet.be [84.195.4.254]) by hoboe1bl1.telenet-ops.be (Postfix) with ESMTP id 9A5F0380FB; Sat, 29 Oct 2005 15:15:20 +0200 (CEST) Received: from intranet.devbox.be (localhost [127.0.0.1]) by intranet.devbox.be (8.13.3/8.13.3) with ESMTP id j9TDFKpV013751; Sat, 29 Oct 2005 15:15:20 +0200 (CEST) Received: (from jimmy@localhost) by intranet.devbox.be (8.13.3/8.13.3/Submit) id j9TDFJ6W004764; Sat, 29 Oct 2005 15:15:19 +0200 (CEST) Date: Sat, 29 Oct 2005 15:15:19 +0200 From: Jimmy Scott To: db Message-ID: <20051029131519.GA22254@ada.devbox.be> References: <200510270608.51571.db@traceroute.dk> <200510271511.36004.db@traceroute.dk> <20051029073411.F11965@odysseus.silby.com> <200510291242.16461.db@traceroute.dk> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="u3/rZRmxL6MmkK24" Content-Disposition: inline In-Reply-To: <200510291242.16461.db@traceroute.dk> User-Agent: Mutt/1.4.2i X-PGP-KeyID: 48033D3D X-PGP-Fingerprint: 88A9 54A0 D143 A4F7 8ACA 154F 8032 D30C 4803 3D3D X-PGP-Key: http://pub.devbox.be/misc/pgp.jimmy.asc Cc: freebsd-security@freebsd.org Subject: Re: Non-executable stack X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 29 Oct 2005 13:15:23 -0000 --u3/rZRmxL6MmkK24 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Oct 29, 2005 at 12:42:16PM +0000, db wrote: > On Saturday 29 October 2005 12:36, you wrote: > > The issue is not one of want, but one of practicality. FreeBSD updates > > to new versions of gcc relatively frequently, and having to update the > > propolice patch with each update (or waiting for an update) would be > > additional work. > > > > It appears that propolice has finally made its way into gcc 4.1, so > > hopefully that will be ready for FreeBSD 7. >=20 > I don't want a gcc fix via propolice, I want kernel support for this. So = that=20 > if a program tries to execute code in the stack or heap it will crash. >=20 > br > db > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.or= g" >=20 The thing you are refering to is W^X using the NXE register of the amd64 if I'm not mistaken, marking memory pages as writable or executable, but not both. (The thing also works on i386 using an ugly hack). --=20 People usually get what's coming to them ... unless it's been mailed. --u3/rZRmxL6MmkK24 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (OpenBSD) iD8DBQFDY3XngDLTDEgDPT0RAo8fAJ99XJ/DF1OxxWR/slYIPrpI/DuL+gCdELqI JRiLhJPpfgVJ+PUWf8LDAgM= =hoU6 -----END PGP SIGNATURE----- --u3/rZRmxL6MmkK24--