1 |
On 9 Jan 2007 at 9:43, Adam James wrote: |
2 |
|
3 |
> On my hardened amd64 system, ts will not run at all, even with all |
4 |
> protections disabled via chpax. However, when using chpax to disable |
5 |
> PAGE_EXEC on an i386 system, ts will start. This led me to believe that |
6 |
> on architectures where the NX bit is supported natively by the |
7 |
> kernel/Pax [1], the protection cannot be disabled on a per-binary |
8 |
> basis. Perhaps someone more knowledgeable can clarify this? |
9 |
|
10 |
i just posted an explanation for this behaviour and would also |
11 |
add here that in the vanilla kernel there's a way to control |
12 |
(simulate) the older 'read implies exec' behaviour (which would |
13 |
be an alternative to hexediting the program header): it's |
14 |
determined by the PT_GNU_STACK program header. if it's not |
15 |
present or specifies RWE rights then the 'read implies exec' |
16 |
personality will be automatically turned on (that is, when |
17 |
PaX/MPROTECT is already disabled on the binary). so execstack -s |
18 |
may also get such apps to work. |
19 |
|
20 |
|
21 |
-- |
22 |
gentoo-hardened@g.o mailing list |