Subject: Re: Non executable mappings and compatibility options bugs
To: Thor Lancelot Simon <email@example.com>
From: Bill Studenmund <firstname.lastname@example.org>
Date: 06/21/2004 21:26:42
Content-Type: text/plain; charset=us-ascii
On Mon, Jun 21, 2004 at 09:55:17AM -0400, Thor Lancelot Simon wrote:
> On Sun, Jun 20, 2004 at 10:55:23AM -0700, Chuck Silvers wrote:
> > it would be safest to default to making everything executable for other
> > emulations until it can be verified that those binaries work ok with
> > non-executable mappings. this seems fine to me.
> I strongly disagree; this would be a regression, with no warning to the
> user, in system security. Adding a COMPAT_ option shouldn't punch a giant
> hole in a fundamental security mechanism.
How is this a regression? My understanding of the discussion is we would=20
disable non-exec mappings only for the emulaitons where the original OS=20
didn't do non-exec. My understanding of the reason for the discussion is=20
that some OSs, Linux/PPC for one, seem to depend on being able to exec=20
mappings we mark as non-exec. Thus we're imposing a restriction the OS=20
didn't, and breaking programs in the process.
So we either have programs that don't work, or programs that are as secure
as they were. I don't see how that is a regression. Yes, it is less
security than our current applications have, but that strikes me as a=20
reason to not use emulated programs, not a reason to break them.
I think it'd be a good idea to have a per-emulation sysctl, so we can tune=
I think it would also be appropriate to note that emulations operate with=
less security than native apps.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (NetBSD)
-----END PGP SIGNATURE-----