Re: two things

Martin von Loewis (
Fri, 19 Dec 1997 00:18:20 +0100

> We should not fix the problem in the case where it _can_ be solved,
> just because there are cases where it cannot?

Exactly. Of course, everybody is free to use that patch, if she things
that there is an advantage in using it. However, it would be very bad
for Linux if the patch was included and it became public knowledge that
Linux is protected against executable-stack attacks. If later somebody
finds the work-around (as somebody certainly will), it will be a PR

There are much better ways of fighting these kinds of attacks. About
the best way is to fix the applications that risk buffer overflows.
glibc 2 does a very good job in this: it produces linker warnings for
unsafe functions. So every time somebody installs such a package from
the sources, she will get a linker warning, until she finally does
something about it. Works much better in the long run, IMHO.