[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Exec-Shield vs. PaX



On Thu, 6 Nov 2003 pageexec@freemail.hu wrote:

> > there's nothing wrong about an executable stack though. It's been part of
> > Linux ever since.
> 
> the brk() managed heap has also been executable. yet you break apps that
> assume so (the ominous XFree86 server would also use the brk() managed
> heap if you were to tell malloc() to not use mmap() at all or for 'big'
> areas only, well beyond the default 128k. actually, for 'small' modules
> XFree86 does use the brk() heap).

yes. This is one reason why exec-shield isnt ready for the mainline kernel
(and might never be). Fortunately, executable malloc() assumptions seem to
be much less widespread than the reliance on an executable stack. But you
are right of course, exec-shield breaks the 'Linus rule' too.

	Ingo



Reply to: