Date: Sun, 30 Jun 2002 12:45:08 +0200 From: Eivind Eklund <eivind@FreeBSD.ORG> To: Terry Lambert <tlambert2@mindspring.com> Cc: Bill Huey <billh@gnuppy.monkey.org>, Jake Burkholder <jake@locore.ca>, arch@FreeBSD.ORG Subject: Re: Time to make the stack non-executable? Message-ID: <20020630124508.A14361@phoenix.dmnstech.net> In-Reply-To: <3D1E55E5.998DCEBA@mindspring.com>; from tlambert2@mindspring.com on Sat, Jun 29, 2002 at 05:50:45PM -0700 References: <3D1E28ED.B67A5271@FreeBSD.org> <3D1E3126.C96FFAA5@mindspring.com> <20020629185554.I71376@locore.ca> <20020629232603.GA1361@gnuppy.monkey.org> <3D1E55E5.998DCEBA@mindspring.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Jun 29, 2002 at 05:50:45PM -0700, Terry Lambert wrote: [On setting a non-executable stack] > As I said in the original post, Sean and I are both aware of the > possibility that some software will be unable to run after this. > > One way to potentially work around this is to allow the stack > pages to be marked executable by explicit linking with an > alternate crt0.o, or, more usefully, by way of an attribute on > the file (e.g. a "chflags"). Is there some reason that we should not do this by way of a syscall that the particular process calls? If an exploit is at a point where it can run syscalls, I'd think we are screwed anyway, and we should know at compile time what programs would need this and not, if we do it globally. The only problem is legacy programs that need this. chflags has the large disadvantage of not playing nice with many backup systems, and not being available in many filesystems. An ELF section avoid this problem, but somehow seems less clean than a syscall. Eivind. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020630124508.A14361>