Subject: Re: Non executable mappings and compatibility options bugs
To: Erik E. Fair <fair@NetBSD.org>
From: Manuel Bouyer <bouyer@antioche.lip6.fr>
List: tech-kern
Date: 06/23/2004 11:45:43

On Tue, Jun 22, 2004 at 05:23:18PM -0700, Erik E. Fair wrote:
> Sometimes it's not even a matter of security - I remember all the 
> screaming when dereferencing address zero stopped working on newer UNIX 
> systems of the day, and that broke a whole lot of (badly written) 
> software. Incremental improvements in practice are still a good thing.
> 
> Since software from our own source tree is unaffected (or has been 
> cleaned up already), it seems to me that the explicit enforcement of 
> execution permissions needs to be a per-emulation flag, and that in 
> our kernel configurations, those emulations that require the 
> enforcement off should themselves be commented out by default with a 
> clear notation of the security threat that they pose. We can change 
> each emulation's flag and "commented out" status when they clean up 
> their acts (presuming they ever will; emulations of EOL'd operating 
> systems will just have to endure whatever state they turn out to be 
> in).

I don't think having the emulations commented out by default is a big deal,
as we also provide LKMs, and there is LKM support in the GENERIC kernels.
We'd just have to add to the release notes that emulation support now is not
enabled by default, and you have to uncomment them in /etc/lkm.conf to use
them (along with the security warnings about non-exec stack).


-- 
Manuel Bouyer <bouyer@antioche.eu.org>
     NetBSD: 26 years of experience will always make the difference
--