Subject: Re: Non executable mappings and compatibility options bugs
To: NetBSD-tech-kern <tech-kern@netbsd.org>
From: Sascha Retzki <lantis@iqranet.info>
List: tech-kern
Date: 06/26/2004 11:33:30
Am Sa, 2004-06-26 um 10.42 schrieb Jaromir Dolecek:
> Erik E. Fair wrote:
> > The point is to make sure that the user understands the risks
> > they're running. We now have a new statement to make:
> >
> > The main thing I think we're disagreeing about is how loudly to
> > say this.
> 
> I think this should be sysctl per emulation, and default to
> off (i.e. non-exec stack). The compat_*(8) manpages would
> then contain appropriate pointers how to enable it.
> 
> Did anyone try to run e.g. Linux binaries with the non-exec
> stack on?
> 
> Jaromir 

PaX is stack protection of that kind, Adamantix, a Linux distro has it
enabled by default. Most times it works :) ... seriously, there are some
packages known not to work, but they have not much problems with stack
protection itsself.

With best regards,


Sascha Retzki