Re: [ubuntu-hardened] Re: Collecting NX information

From: John Richard Moser
Date: Tue Mar 29 2005 - 03:55:49 EST

Next message: Ingo Molnar: "Re: [patch] Real-Time Preemption, deactivate() scheduling issue"
Previous message: Ingo Molnar: "Re: [patch] Fix e1000 driver disable interrupts bug for realtime-preempt-2.6.11-rc4-V0.7.39-02"
In reply to: John Richard Moser: "Re: [ubuntu-hardened] Re: Collecting NX information"
Next in thread: John Richard Moser: "Re: [ubuntu-hardened] Re: Collecting NX information"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

John Richard Moser wrote:
>
>
> Arjan van de Ven wrote:
>
[...]

Three more notes, then I'll sleep. These notes won't include the two
paragraph long explaination of falling back to PT_GNU_STACK if
PT_PAX_FLAGS isn't there; compatibility has been touched what, 5 times?

1. I don't want to continue using PT_GNU_STACK for three reasons. The
first being that PaX uses a tristate in PT_PAX_FLAGS; the second being
that PT_GNU_STACK is a whole ELF field and I'm inclined to take the more
space-efficient method; and the third being that PT_GNU_STACK is not a
tristate.

The last is particularly an important consideration to me: a tristate
would allow for a compatibility/soft mode, but changing PT_GNU_STACK's
logic would change the current expected behavior and thus could be
unpredictable (break things). I have no interest in breaking Fedora
horribly, nor wasting space with a full field where sharing with the
other parts of PT_PAX_FLAGS would do just fine.

2. Although binutils can emit PT_GNU_STACK, the paxctl utility could
also be modified to detect PT_GNU_STACK in a binary without PT_PAX_FLAGS
and change it to PT_PAX_FLAGS, then nuke it. This would allow the flags
to be changed without relinking (remember PT_GNU_STACK is to be ignored
if PT_PAX_FLAGS exists at all). This is only of interest to
distributions which will use PT_PAX_FLAGS.

Note also that execstack would probably be wisely modified to set
PF_PAGEEXEC and PT_GNU_STACK both, just for future compatibility. This
is of course a lot of work (I tried to make paxctl hack EI_PAX too, and
. . .well, it didn't work).

3. PaX won't pay any attention to markings on libraries. Exec Shield
and Mainline may, though I have no idea how. If it can be done with
PT_GNU_STACK, it can be done with PT_PAX_FLAGS. Such behavior is
acceptable, though libraries should be coded with the utmost care to
avoid this simply because the weakening of security around a library
weakens any and all programs using that library.

- --
All content of all messages exchanged herein are left in the
Public Domain, unless otherwise explicitly stated.

Creative brains are a valuable, limited resource. They shouldn't be
wasted on re-inventing the wheel when there are so many fascinating
new problems waiting out there.
-- Eric Steven Raymond
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCSRWghDd4aOud5P8RAhRFAJ9Ezr6mMIEvk9R+4XpXq7+lZxgd0gCfYhBa
IuUU7Zeuk1J9kSJXCSqZlKU=
=m0YW
-----END PGP SIGNATURE-----
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Ingo Molnar: "Re: [patch] Real-Time Preemption, deactivate() scheduling issue"
Previous message: Ingo Molnar: "Re: [patch] Fix e1000 driver disable interrupts bug for realtime-preempt-2.6.11-rc4-V0.7.39-02"
In reply to: John Richard Moser: "Re: [ubuntu-hardened] Re: Collecting NX information"
Next in thread: John Richard Moser: "Re: [ubuntu-hardened] Re: Collecting NX information"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]