Re: Exec-Shield vs. PaX
On Wed, 5 Nov 2003 pageexec@freemail.hu wrote:
> > i downloaded the new 0.9.5 paxtest package and amongst other changes it
> > has the following oneliner change:
[...]
> > + do_mprotect((unsigned long)argv & ~4095U, 4096, PROT_READ|PROT_WRITE|PROT_EXEC);
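
Review bot: on the added do_mprotect() line the mask `~4095U` has type unsigned int, so wherever unsigned long is 64 bits it widens to 0x00000000fffff000 and clears the upper 32 bits of the argv address. Write `~4095UL`, or derive both the mask and the hard-coded 4096 length from sysconf(_SC_PAGESIZE). The call also changes only the single page that holds the start of argv, so a short comment stating why the test needs that page to be PROT_EXEC would make the intent clear.
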
> first of all, it's multithreaded. [...]

paxtest does not link to libpthread, nor does it create threads, at all.
How can you claim it's multithreaded?

> glibc creates executable thread stacks by default. [...]

to the contrary, glibc does this:

00594000-005a1000 r-xp 00000000 09:00 735400 /lib/tls/libpthread-0.60.so
005a1000-005a2000 rw-p 0000c000 09:00 735400 /lib/tls/libpthread-0.60.so
005a2000-005a4000 rw-p 00000000 00:00 0
0063b000-00650000 r-xp 00000000 09:00 730361 /lib/ld-2.3.2.so
00650000-00651000 rw-p 00015000 09:00 730361 /lib/ld-2.3.2.so
00e25000-00f58000 r-xp 00000000 09:00 735396 /lib/tls/libc-2.3.2.so
00f58000-00f5b000 rw-p 00132000 09:00 735396 /lib/tls/libc-2.3.2.so
00f5b000-00f5e000 rw-p 00000000 00:00 0
08048000-08049000 r-xp 00000000 09:02 5226629 /tmp/test
08049000-0804a000 rw-p 00000000 09:02 5226629 /tmp/test
09e9c000-09ebd000 rw-p 00000000 00:00 0
beba6000-beba7000 ---p 00000000 00:00 0 <== thread stack guard page
beba7000-bf5a8000 rw-p 00001000 00:00 0 <== non-exec thread stack
bf5be000-bf5bf000 rw-p 00000000 00:00 0
bfe79000-c0000000 rw-p fff5d000 00:00 0

$ rpm -q glibc
glibc-2.3.2-101

Ingo
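
The check made by eye on the listing above can be automated. The following is an added example, not part of the original message or of paxtest: it scans text in /proc/<pid>/maps format and counts mappings that are both writable and executable. The names count_wx and SAMPLE_MAPS are hypothetical, and the sample lines are constructed, including the rwxp line.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample in /proc/<pid>/maps format. The last line is a
 * constructed rwxp mapping, the state a page is left in after an
 * mprotect() with PROT_READ|PROT_WRITE|PROT_EXEC. */
static const char SAMPLE_MAPS[] =
    "08048000-08049000 r-xp 00000000 09:02 5226629 /tmp/test\n"
    "beba6000-beba7000 ---p 00000000 00:00 0\n"
    "beba7000-bf5a8000 rw-p 00001000 00:00 0\n"
    "bfe79000-c0000000 rwxp fff5d000 00:00 0\n";

/* Count mappings whose permission field has both 'w' and 'x' set.
 * Stores the start address of the first such mapping in *first when
 * first is non-NULL. Returns -1 on a malformed or over-long line. */
int count_wx(const char *maps, unsigned long long *first)
{
    int hits = 0;
    while (*maps) {
        char line[256], perms[5];
        unsigned long long start, end;
        size_t len = strcspn(maps, "\n");
        if (len >= sizeof line)
            return -1;
        memcpy(line, maps, len);      /* parse one line in isolation */
        line[len] = '\0';
        if (len > 0) {
            if (sscanf(line, "%llx-%llx %4s", &start, &end, perms) != 3 ||
                strlen(perms) != 4 || end <= start)
                return -1;
            if (perms[1] == 'w' && perms[2] == 'x') {
                if (hits == 0 && first)
                    *first = start;
                hits++;
            }
        }
        maps += len;
        if (*maps == '\n')
            maps++;
    }
    return hits;
}

int main(void)
{
    unsigned long long addr = 0;
    int n = count_wx(SAMPLE_MAPS, &addr);
    printf("W+X mappings: %d, first at %llx\n", n, addr);
    return n > 0;   /* non-zero exit status when a W+X mapping exists */
}
```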