Re: Linux kernel patch to remove stack exec permission

Ingo Molnar
Mon, 14 Apr 1997 17:34:30 +0200 (MET DST)

On Mon, 14 Apr 1997, Zefram wrote:

> Ingo Molnar wrote:
> >would it be a good idea to strip off the highest bit in env[] and args[]
> >when exec()-ing?
> Don't be silly. Some of us use full Latin-1 or UTF-8 for filenames,
> and in grep patterns, and so on.

some of us like me ;) *blush*. And i was told that it's possible to build
pure 7-bit ASCII based programs as well ...

Plus envp[] and argv[] are right above the stack, so the original patch
already covers this case.

> >for the BSS/malloc() things we could theoretically get the kernel to put
> >executable mmap()-ed areas into the 0-1G range, and the rest into the
> >1G-2G range.
> This is the Right Thing to do w.r.t. trampolines. Fancy hacking that
> into gcc?

actually i meant doing this on the kernel side, by sorting executable and
nonexecutable mmap()-ed areas into segments ... not too clean, but it
would prevent passing executable code via data channels >at all<.

80% of the more elusive security holes do rely on getting some code into a
protected execution context somehow?

> Then again, it might be easier just to stop writing programs that smash
> the stack. Amazingly enough, this confers other benefits too.

it's about decreasing certain risks. I would love having 10 security holes
per 1 million lines of code, instead of hundreds.

-- mingo
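
The address-range split discussed in this message, as an added example that is not part of the original mail or of any kernel patch: it reads lines in /proc/<pid>/maps format and flags mappings that would break a layout with executable areas in 0-1G and everything else above. The 1G constant, the function names and the sample lines are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Assumption: executable mappings live in 0-1G, the rest at 1G and above,
   so a code-segment limit of 1G would make the upper range non-executable. */
#define EXEC_LIMIT 0x40000000ULL

enum verdict { MAP_OK = 0, EXEC_ABOVE_LIMIT, DATA_BELOW_LIMIT, BAD_LINE };

/* Classify one line in /proc/<pid>/maps format: "start-end perms ...". */
enum verdict check_mapping(const char *line)
{
    unsigned long long start, end;
    char perms[5];

    if (sscanf(line, "%llx-%llx %4s", &start, &end, perms) != 3 ||
        strlen(perms) != 4 || start >= end)
        return BAD_LINE;
    if (perms[2] == 'x')   /* executable: must end at or below the limit */
        return end > EXEC_LIMIT ? EXEC_ABOVE_LIMIT : MAP_OK;
    /* not executable: must start at or above the limit */
    return start < EXEC_LIMIT ? DATA_BELOW_LIMIT : MAP_OK;
}

/* Constructed sample lines, not taken from a real process. */
static const char *sample_maps[] = {
    "08048000-08050000 r-xp 00000000 03:01 1234 /bin/demo", /* code, low   */
    "40000000-40002000 rw-p 00000000 00:00 0",              /* data, high  */
    "08050000-08052000 rw-p 00008000 03:01 1234 /bin/demo", /* data, low   */
    "60000000-60001000 rwxp 00000000 00:00 0",              /* W+X, high   */
};

/* Number of lines that do not fit the split (malformed lines included). */
int count_violations(const char **lines, int n)
{
    int bad = 0;
    for (int i = 0; i < n; i++)
        if (check_mapping(lines[i]) != MAP_OK)
            bad++;
    return bad;
}

int main(void)
{
    int n = (int)(sizeof sample_maps / sizeof sample_maps[0]);
    for (int i = 0; i < n; i++)
        printf("%d  %s\n", check_mapping(sample_maps[i]), sample_maps[i]);
    printf("violations: %d\n", count_violations(sample_maps, n));
    return 0;
}
```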