>> > I've recently played a bit with Solar Designer's patch and it looks that
>> > it doesn't have any
>> > significant overhead. Shoudn't it be in the kernel by default(at
>> > least,SECURE_STACK)?
>>
>> Last time when this question was raised was more then year ago (if I recall
>> correctly) and Linus said that his feeling about unexecutable stack is that
>> it does not make exploits impossible but insted give you false sense of safety.
>> So answer is "no". You can add such patch by hands if you wish...
>
>And it would prevent anything from working which is emplying the stack
>as a trampoline to pass around ... guess what ... for example thrown
>exceptions.
People are always quick to state as fact things that they have
not looked into. I don't know what the current status is on
this, but as I understand it, trampolines work with these
patches. This is all an FAQ. I've read this thread 40 times in
3 years. Why don't we all start another thread equally as
annoying on:
1) The use of goto in kernel sources?
2) Splitting up the kernel into several modular tarballs by arch,
etc..?
3) Binary only modules..
All equally annoying, and equally pointless. All FAQ's.
-- Mike A. Harris Linux advocate Computer Consultant GNU advocate Capslock Consulting Open Source advocateJoin the FreeMWare project - the goal to produce a FREE program in which you can run Windows 95/98/NT, and other operating systems.
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/