Subject: Re: Non executable mappings and compatibility options bugs
To: Chuck Silvers <>
From: Thor Lancelot Simon <>
List: tech-security
Date: 06/21/2004 09:55:17
On Sun, Jun 20, 2004 at 10:55:23AM -0700, Chuck Silvers wrote:
> it would be safest to default to making everything executable for other
> emulations until it can be verified that those binaries work ok with
> non-executable mappings.  this seems fine to me.

I strongly disagree; this would be a regression, with no warning to the
user, in system security.  Adding a COMPAT_ option shouldn't punch a giant
hole in a fundamental security mechanism.

If nothing else, both config and the kernel at boot time should print
warnings about this.