1 |
On Wednesday 11 May 2005 09:02, Julian Rendell wrote: |
2 |
> I've just come across the following page: |
3 |
> http://d-sbd.alioth.debian.org/www/?page=pax |
4 |
> which states: |
5 |
> On i386, there is no NX bit in hardware; thus, one is emulated for a |
6 |
> nominal cost. There are two emulation methods, PAGEEXEC and SEGMEXEC. |
7 |
> Each method has its own faults and its own merits. It should be noted, |
8 |
> however, that on k6-2, PAGEEXEC cannot properly function and SHOULD |
9 |
> NOT be enabled. This is due to the k6-2 having a different TLB |
10 |
> architecture which in most cases is compatible with other i386 |
11 |
> processors; the advanced use that PAGEEXEC makes of the TLB is NOT |
12 |
> compatible with the k6-2 TLB architecture. |
13 |
> |
14 |
> Is the hardened tool-chain set to use PageExec? |
15 |
> If so, how can I change it to use SEGMEXEC? |
16 |
> Are there any stages pre-compiled with SEGMEXEC? |
17 |
|
18 |
it's a kernel option. under security options -> PaX options -> memory |
19 |
protection (or similar) -> page based exec protection /segmentation based |
20 |
exec protection. |
21 |
|
22 |
regards, |
23 |
pedro venda. |
24 |
-- |
25 |
|
26 |
Pedro João Lopes Venda |
27 |
email: pjvenda < at > arrakis.dhis.org |
28 |
http://arrakis.dhis.org |