From: db
To: Jimmy Scott, freebsd-security@freebsd.org
Date: Sat, 29 Oct 2005 14:12:57 +0000
Subject: Re: Non-executable stack

On Saturday 29 October 2005 13:15, you wrote:
> The thing you are referring to is W^X using the NXE register of the amd64
> if I'm not mistaken, marking memory pages as writable or executable,
> but not both. (The thing also works on i386 using an ugly hack).

Yeah. Memory on ia32 can be writable and readable.
When it is readable it is also executable. On other archs like AMD64 and IA64, I believe memory can be readable, writable and executable. Therefore I would like to remove the executable bit on the stack and heap for the systems supporting it.

br
db