1 |
On 24/10/2007, Adam James <atj@××××××××××××××.uk> wrote: |
2 |
> On Wed, 24 Oct 2007 17:12:50 +0530 |
3 |
> widyachacra <widyachacra@×××××.com> wrote: |
4 |
> |
5 |
> > How to enable Enhanced Virus Protection(EVP) on linux? |
6 |
> |
7 |
> EVP is a bullshit marketing term for AMDs implementation of the Non |
8 |
> eXecute (NX) bit. |
9 |
> |
10 |
> See http://en.wikipedia.org/wiki/NX_bit#Linux for more information on |
11 |
> Linux support. |
12 |
|
13 |
Further, note that Hardened Gentoo is the way to go for full PaX |
14 |
support. That said, one can use the hardened-sources kernel without |
15 |
having built a system based upon a hardened stageball and toolchain, |
16 |
but it's less effective without a PIE userland. For further |
17 |
information: |
18 |
|
19 |
http://www.gentoo.org/proj/en/hardened/primer.xml |
20 |
|
21 |
I'd also like to add that the NX bit is supported by PaX to enforce |
22 |
W^X memory protection with no overhead but _only_ when running amd64. |
23 |
On x86 installations, the NX bit is not used by PaX, even if the |
24 |
processor supports it. |
25 |
|
26 |
Regards, |
27 |
|
28 |
--Kerin |
29 |
-- |
30 |
gentoo-server@g.o mailing list |