Subject: Re: more on non-executable mappings vs. emulations
To: None <firstname.lastname@example.org>
From: Emmanuel Dreyfus <email@example.com>
Date: 07/30/2004 11:58:51
> The "sysctl" solution simply unilaterally *disables an important security
> feature* for *all* executables running in the emulation in question, *even
> those that aren't actually buggy so as to require patching*.
A sysctl could be per-process and inheritable.
I imagine something such as sysctl -w proc.$$.execmap=1; exec foobar
We'd have a flag in struct proc's p_flags:
P_EXECMAP defaults to zero; if set, stack and heap are executable
fork() and execve() would propagate the flag.