Re: exec-shield (maybe ITP kernel-patch-exec-shield)
>From reading the techincal descriptions of PaX and Exec-shield, there
does seem to be one, major advantage of Exec-shield over PaX, and that
is that PaX takes the pathetically small, undersized space available
to userspace applications on 32-bit architectures (i.e., only 3GB) and
cuts it down into half (i.e, 1.5 GB). Given the fragmentation of how
the userspace memory has to be used (for shared libraries, mmap'ed
regious both for files and for large malloc allocations, stack,
program text), etc, this is could be a major problem for some
applications.
Randomizing the shared libraries, as PaX does, for every single
invocation, also comes with some tradeoffs. In particular this would
mean that it is incompatible with prelink, which speeds up the loading
of applications with large numbers of shared libraries. (Some
systems/distro's run "prelink -afR" out of cron to re-randomize the
layout every day, which seems to be a nice compromise.)
Discalimer: I've only read the technical docs, and haven't had time to
do a detailed examination of the sources, so if the descriptions are
wrong or misleading, some details in this note might be incorrect. I
apologize in advance if I've gotten any of the details wrong.
- Ted
Reply to: