Re: Non-executable stack
On Wednesday 02 November 2005 12:30, you wrote:
> Not quite. IA32 can make individual segments readable, writable and /
> or executable, but lacks the ability to do so on a per-page basis.
> Since we have trampoline code at the top of the stack, the entire
> stack segment must be executable. Moving the trampoline off the stack
> would solve the problem on all platforms.
>
> W^X across the board is not an option - it would break HotSpot and
> other JIT-based software.
Ah I see, but how about making the patch without touching the trampoline code
section? I'm not talking about doing it on all platforms (if ia32 sucks) or
making it default, just to give us security minded admins and users a kernel
option.
br
db
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 14 之 18 篇):