Subject: Re: segvguard [was: Re: CVS commit: src/sys/sys]
To: YAMAMOTO Takashi <firstname.lastname@example.org>
From: Elad Efrat <elad@NetBSD.org>
Date: 11/30/2006 15:59:32
YAMAMOTO Takashi wrote:
>> PaX Segvguard makes use of kernel memory, so use it wisely. While
>> it provides rate-limiting protections, it works on a per-program
>> basis for keeping its records, meaning that irresponsible use may
>> result in keeping track of all segfaults in the system, easily
>> wasting all kernel memory.
> are you talking about pax_segvguard_entry etc?
>> For this reason, it is highly recommended to have PaX Segvguard
>> enabled explicitly only for network services etc. Enabling PaX
>> Segvguard explicitly works like this:
>> # paxctl +G /usr/sbin/sshd
>> Explicitly disabling PaX Segvguard can be done like this:
>> # paxctl +g /bin/ls
> why do you want to disable it?
> ie. why do you want to use two bits in PF_MASKOS?
flexibility. like with mprotect restrictions, we allow the admin to do
any of the following:
- enable it for all binaries except those marked as "disable"
- disable it for all binaries except those marked "enable"
the first implementation used a single bit, "toggle", that meant
"exactly the opposite of the global flag". due to objections I
introduced two explicit flags.
like I already said, if you have a better suggestion on where to
store these flags, it's fine with me.