Re: Linux kernel patch to remove stack exec permission

Stephen R. van den Berg (srb@cuci.nl)
Sat, 12 Apr 1997 17:51:21 +0200


solar@sun1.ideal.ru <solar@sun1.ideal.ru> wrote:
>There seemed to be no patch for Linux kernel to remove execute permission
>from the stack (to prevent most buffer overflow exploits), so I decided to
>make one, I include it at the end of this message. I heard some rumours that
>GCC assumes stack frame to be executable when dealing with nested functions,

That's not just a rumour. That's a fact.
Also, if signal processing hasn't changed in the last two years, returning
from a signal requires an executable stack as well.
(You've just changed every signal into a SIGSEGV :-).

-- 
Sincerely,                                                          srb@cuci.nl
           Stephen R. van den Berg (AKA BuGless).

A sign seen at the local pizza place: "DO NOT CARRY TAKE-OUT BOXES BY HANDLES"
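
Added example, not part of the original message or of the patch under discussion: a GNU C nested function passed as a callback, the case in which GCC writes a trampoline into the caller's stack frame and therefore needs that stack to be executable. The names for_each, count_above and tally are made up for illustration, and the code assumes GCC with its default stack-based trampolines.

```c
/* Added illustration (GNU C extension, build with gcc): a nested function
 * whose address is taken makes GCC build a trampoline on the caller's stack. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Generic iterator: it receives only a plain function pointer, with no
 * extra argument through which the callback could be handed its context. */
static void for_each(const int *v, size_t n, void (*visit)(int))
{
    for (size_t i = 0; i < n; i++)
        visit(v[i]);
}

/* Set by count_above(): 1 if the callback pointer lay within 64 KiB of a
 * local variable, i.e. it pointed into the stack rather than into .text. */
static int callback_was_on_stack;

/* Counts the elements of v that are greater than threshold. */
static int count_above(const int *v, size_t n, int threshold)
{
    int count = 0;

    /* Nested function: it reads threshold and writes count, both locals of
     * the enclosing frame, so it needs a pointer to that frame. */
    void tally(int x)
    {
        if (x > threshold)
            count++;
    }

    /* Taking the address forces the trampoline: a few instructions stored
     * in this stack frame that load the frame pointer and jump to tally(). */
    void (*cb)(int) = tally;
    uintptr_t code = (uintptr_t)cb, local = (uintptr_t)&count;
    uintptr_t gap = code > local ? code - local : local - code;
    callback_was_on_stack = gap < 65536;

    for_each(v, n, cb);   /* each call executes the stack-resident stub */
    return count;
}

int main(void)
{
    const int sample[] = { 3, 9, 1, 12, 7 };   /* constructed sample data */
    printf("above 5: %d\n", count_above(sample, 5, 5));
    printf("callback pointer on stack: %d\n", callback_was_on_stack);
    return 0;
}
```

If the stack is mapped without execute permission and nothing handles trampolines specially, the first call through cb faults instead of reaching tally().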