Subject: Re: Non executable mappings and compatibility options bugs
To: matthew green <firstname.lastname@example.org>
From: Erik E. Fair <email@example.com>
Date: 06/22/2004 09:09:26
The point is to make sure that the user understands the risks
they're running. We now have a new statement to make:
When you're running binaries compiled specifically for
NetBSD, you are protected against the exploitation of a
class of programming mistakes that can lead to system
security issues, because the NetBSD kernel uses the system
Memory Management Unit (MMU) to prevent code from executing
on the CPU stack and in other places that have proven
"unsafe" in practice.
However, when you run a binary compiled for Linux (or fill
in your favorite emulation here), this protection is not
available because it causes too many Linux programs to fail
(i.e. they depend on this unsafe capability). We suggest
that you consider this issue carefully when you decide
which programs to run on your system.
We recommend that you use only programs that were specifically
compiled for NetBSD. If your software vendor does not
provide such support, please consider asking them for this.
The main thing I think we're disagreeing about is how loudly to