Subject: re: Non executable mappings and compatibility options bugs
To: Erik E. Fair <email@example.com>
From: matthew green <firstname.lastname@example.org>
Date: 06/22/2004 15:58:57
At 9:55 -0400 6/21/04, Thor Lancelot Simon wrote:
>On Sun, Jun 20, 2004 at 10:55:23AM -0700, Chuck Silvers wrote:
>> it would be safest to default to making everything executable for other
>> emulations until it can be verified that those binaries work ok with
>> non-executable mappings. this seems fine to me.
>I strongly disagree; this would be a regression, with no warning to the
>user, in system security. Adding a COMPAT_ option shouldn't punch a giant
>hole in a fundamental security mechanism.
>If nothing else, both config and the kernel at boot time should print
>warnings about this.
I agree completely with what Thor wrote, with feeling. Emphasis. Exclamation.
actually, i'd call the fact that we can no longer run other binaries
a regression, not the fact that we can only run our own secure ones.
i'm all for security features, but they can't break other things in
the process. why is it a regression to not enable a security feature
for an emulation until it's verified _not to break it_?