Subject: Re: more on non-executable mappings vs. emulations
To: None <>
From: Emmanuel Dreyfus <>
List: tech-kern
Date: 07/30/2004 11:58:51
> The "sysctl" solution simply unilaterally *disables an important security
> feature* for *all* executables running in the emulation in question, *even
> those that aren't actually buggy so as to require patching*.

A sysctl could be per-process and inheritable.
I immagine something such as sysctl -w proc.$$.execmap=1; exec foobar

We'd have a flag in struc proc's p_flags:
P_EXECMAP       default to zero, if set, stack and heap are executable

fork() and execve() would propagate the flag.

Emmanuel Dreyfus