Gentoo Archives: gentoo-hardened

From:	pageexec@××××××××.hu
To:	Eric Pretorious <ericp@××.net>, Joshua Brindle <method@g.o>
Cc:	gentoo-hardened@l.g.o
Subject:	Re: [gentoo-hardened] Exploitable Weakness: Shared Memory
Date:	Fri, 15 Oct 2004 21:03:23
Message-Id:	`417056E0.26972.2F84778C@localhost`
In Reply to:	Re: [gentoo-hardened] Exploitable Weakness: Shared Memory by Joshua Brindle

1	> trusted path is a broken concept.
2
3	what's broken in it?
4
5	> I'm not sure if it's been mentioned but adding noexec wouldn't prevent this
6	> since you can always run elf binaries through ld.so without directly executing
7	> them and noexec doesn't prevent this.
8
9	i'm not sure if it's been mentioned but 2.6 since late last year and 2.2/2.4
10	since earlier this year have all fixed this for the generic case and PaX fixes
11	it for good. i bet you haven't tried this yourself in a while ;-).
12
13
14	--
15	gentoo-hardened@g.o mailing list