Re: [test] exec-shield vs. paxtest 0.9.5 horrible results

From: Ingo Molnar
Date: Mon Dec 22 2003 - 06:26:47 EST



* Gabor MICSKO <gmicsko@xxxxxxxxxxxx> wrote:

> Any idea?

yes. Undo the patch below. The paxtest author decided to add this
pointless mprotect(stackptr, PROT_EXEC) to make sure the test lists
exec-shield as 'vulnerable' while listing PaX as non-vulnerable. I sent
the fix but (not surprisingly) it was not added. Marketing via testsuite
eh?

Ingo

--- paxtest-0.9.4/body.c
+++ paxtest-0.9.5/body.c
@@ -29,6 +29,7 @@
fflush( stdout );

if( fork() == 0 ) {
+ do_mprotect((unsigned long)argv & ~4095U, 4096, PROT_READ|PROT_WRITE|PROT_EXEC);
doit();
} else {
wait( &status );
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/