Re: Exec-Shield vs. PaX
> > It is in fact a simulation of a multithreaded application. [...]
>
> The test incorrectly assumes that thread stacks are executable. I suspect
> we both agree that it's desirable to have thread stacks non-executable as
> well.
while i agree with you on this one, it is in stark contrast to what you
said earlier:
> there's nothing wrong about an executable stack though. It's been part of
> Linux ever since.
also, the test does not only demonstrate that thread stacks are executable
or not, it demonstrates a fundemental design flaw in Exec-Shield: whenever
an executable region is created in the address space, *everything* below
that becomes executable as well. i believe it is important that Exec-Shield
users are aware of this flaw, could you write a test for this as well please?
Reply to: