Stack-Smash Protector

Ivo Bitter ivo at primerelay.net
Mon Sep 30 12:33:41 PDT 2002


On Mon, Sep 30, 2002 at 07:52:36PM +0100, Ian Molton wrote:
> On Mon, 30 Sep 2002 03:54:59 +0000 (UTC)
> dagmar at speakeasy.net wrote:
> 
> > 
> > POSIX compliance dictates that the stack should be executeable.  This
> > is, of course, intensely obnoxious,
> 
> Hadnt realised that. shocking.
> 
> I wonder if its possible to disable that in the kernel. shouldnt be
> hard, even if there is no option...

The grsecurity patch (see www.grsecurity.net) has a non-executable
stack option. I think the openwall patches have something similar for
2.2 kernels.

-- 
// Ivo Bitter // Primerelay
// ivo at primerelay.net // www.primerelay.net
// PGP public key at keys.primerelay.net/ivo.pub
-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe lfs-security' in the subject header of the message



More information about the lfs-security mailing list