Or the author is smart.. which is the case. The patch changes the ring 3
code segment descriptor to limit below the stack. Executing code on the stack
traps via a trampoline detector. It works rather nicely considering the limits
the CPU imposes.
On sane machines the kernel does not need to be involved - you can do non
executable stack simply by fixing ld.so and glibc a little on many platforms
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/