From owner-freebsd-security Wed Jul 11 13:35:54 2001 Delivered-To: freebsd-security@freebsd.org Received: from orhi.sarenet.es (orhi.sarenet.es [192.148.167.5]) by hub.freebsd.org (Postfix) with ESMTP id F216737B401 for ; Wed, 11 Jul 2001 13:35:51 -0700 (PDT) (envelope-from borjamar@sarenet.es) Received: from nenuial.arnor.es (borja.sarenet.es [192.148.167.77]) by orhi.sarenet.es (Postfix) with SMTP id AC4FA494A for ; Wed, 11 Jul 2001 22:35:36 +0200 (MET DST) Content-Type: text/plain; charset="iso-8859-1" From: Borja Marcos To: freebsd-security@freebsd.org Subject: Re: non-exec stack Date: Wed, 11 Jul 2001 22:35:50 +0200 X-Mailer: KMail [version 1.2] References: <001901c10830$b51e7890$0100a8c0@alexus> <20010711145325.L66856-100000@scribble.fsn.hu> <20010711121731.A87389@xor.obsecurity.org> In-Reply-To: <20010711121731.A87389@xor.obsecurity.org> MIME-Version: 1.0 Message-Id: <01071122332004.02234@nenuial.arnor.es> Content-Transfer-Encoding: 8bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Wednesday 11 July 2001 21:17, you wrote: > That's a different thing (it doesn't make the stack non-executable, it > patches gcc to generate code which tries to catch and prevent > stack-smashing buffer overflows). I don't know of anyone who has > written a non-exec stack patch for FreeBSD. It would certainly be > welcome. I wonder... how is it implemented? Perhaps checking that the page is not a stack page whenever the process enters a system call? Checking the same at context switches? Borja. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message