I am running Debian 2.6.26-21lenny4 and I am puzzled by an issue with the enforcement of page permissions. I have written a simple program with a basic buffer overflow and compiled two versions using gcc: one with -z execstack and another with -z noexecstack.
However, I am able to inject and execute shellcode from a stack local character buffer in both versions. Is there another system option I am unaware of that affects enforcement? Is enforcement not supported for my system version?