On Mon, Jan 17, 2000 at 11:58:48PM +0100, Guido Draheim wrote:
> Question: if you make data/stack segments
> unexecutable by default and provide a call
> to make it executable again for the few
> hundred programs that need it, wouldn't
> there be s.o. who could exploit the
> availability of such a call?
by the time he could exploit this call he could exploit
anything else and wouldn't bother to do this.
> Question: if you provide a call to make
> your segments unreadable, without an
mprotect() ? A bit more difficult to do with stack :-(
> option to turn it back, wouldn't that
> make more sense down here? put that in
> your crt0...
it would make sense if my above assumption was wrong.
Still I can't see how it could go wrong.
If it isn't then you have to decide what is more sensible
as default behavior.
Also it appears reasonable to have the protection settable
with fine granularity like pages.
> Question: isn't it really only important
> for setuid things?
it may be useful even for normal debugging.
Bye
Richard
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sun Jan 23 2000 - 21:00:21 EST