> From your point of view. From my point of view, requiring execute
   > permission on any file backing an executable mapping would give an
   > enormous security benefit; it would, for example, allow one to ensure
   > that code could never be executed from any writable file system.
   
   Doesn't the noexec flag allow you to do this already?

that's what i thought.  i didn't follow thor's point anyway,  if
the file system is writable what is stopping me from adding the
'x' bit ?


to jonathan:  a x-bit-required-for-PROT_EXEC change needs a lot
of 'settle time' in -current.  not for 2.0.


.mrg.