Subject: Re: more on non-executable mappings vs. emulations
To: Chuck Silvers <chuq@chuq.com>
From: Emmanuel Dreyfus <manu@netbsd.org>
List: tech-kern
Date: 07/19/2004 08:33:35

Chuck Silvers <chuq@chuq.com> wrote:

> > What if we ever encounter a binary that checks its own sum? 
> if we had to patch such a thing to fix assumptions about executability
> of mappings, then we could patch the checksum that it's looking for as well.

It's the first time we decide that patching binaries is acceptable for
binary compatibility. I'm not sure it's reasonable. What will be the
rule in the future to decide if it's better to implement a missing
feature or to patch the binaries so that they don't use the feature
anymore? 
 
> no written standard requires that the heap or stack be executable by default
> either.  any netbsd-native program that assumes that these regions of memory
> are executable by default has a bug.

I agree for native programs, as it's the rule now. But when we come to
emulations, it seems a bad move to me: if the foreign OS never stated
anything about it, and if it does executable mappings, emulating the
foreign OS correctly means having the ability to do executable
mappings. At least it can be disabled by default, but we should probably
have a way to re-enable it if needed. 
  
> > For that reason, a sysctl in the proc subtree seems useful. Is it
> > really hard to implement? We could have a p_flag about non executable
> > mappings. In how many places we'd have to check for it?   
> it's not a question of whether it's hard to implement, it's whether or not
> it's really a good idea.  at this point I'm saying that it's not.

The sysctl leaves the choice to the user. Let's have it secure by default,
and if users want a dangerous feature, why couldn't they have it?
OpenBSD has a long record for breaking compatibility because they think
things are insecure or politically unacceptable. I'm not sure we ever
chose that path. Is it a good path? In my opinion, it's not: the users
should have the power to decide what's going on on their machines. It
shouldn't be our business to decide for them. 

-- 
Emmanuel Dreyfus
There are 10 kinds of people in the world: those who understand 
binary and those who don't.
manu@netbsd.org