PaX mprotect now on for amd64

To: current-users%netbsd.org@localhost
Subject: PaX mprotect now on for amd64
From: christos%zoulas.com@localhost (Christos Zoulas)
Date: Sat, 14 May 2016 13:09:53 -0400

Hi,

I just turned on mprotect for amd64. The following sysctls have
been set to 1

    security.pax.mprotect.enable=1
    security.pax.mprotect.global=1

If you want to see what processes hit this you can:

    security.pax.mprotect.debug=1

This breaks programs that need to map segments both writable and executable,
for example java. To fix them you can:

paxctl +m /path/to/bin/java

Enjoy,

christos

Follow-Ups:
- Re: PaX mprotect now on for amd64
  - From: Thomas Klausner
- Re: PaX mprotect now on for amd64
  - From: Michael van Elst
- Re: PaX mprotect now on for amd64
  - From: David Brownlee

Prev by Date: daily CVS update output
Next by Date: Automated report: NetBSD-current/i386 build failure
Previous by Thread: i915drmkms on Dell Optiplex 760
Next by Thread: Re: PaX mprotect now on for amd64
Indexes:

Home | Main Index | Thread Index | Old Index