Re: [announce] [patch] NX (No eXecute) support for x86, 2.6.7-rc2-bk2
From: Linus Torvalds
Date: Fri Jun 04 2004 - 10:40:07 EST
On Fri, 4 Jun 2004, Andy Lutomirski wrote:
>
> This is wrong on SELinux (and presumably with other LSMs). It also does
> unexpected things if you fail to exec a setuid executable.
Let's not do this at all.
Anything that changes subtle behaviour at suid-execute time is just wrong.
Imagine an app that has been tested in normal use, and then has a subtle
bug when executed set-uid, simply because the address space layout
changes. Or something that mysteriously works when you're root, but not
when you're anything else. Ouch.
I think we should just look at the executable itself, not whether it is
suid. If the executable says it is "NX-approved", then it's NX-approved.
End of story - just try to make sure that as many executables as possible
get compiled with the newer compiler suite that enables it.
Add a tool to let people turn on/off the NX bit on an executable if it
turns out the executable can't work with it (let's say it was compiled and
tested on a CPU without NX support), and everybody should be happy. You
can have a trivial script that turns on the NX bit on all the legacy apps
too, and then if testing shows iot wasn't a good idea, you can turn it off
again on a per-executable basis.
No?
Linus
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/