[ubuntu-hardened] Re: Collecting NX information
Arjan van de Ven
arjan at infradead.org
Mon Mar 28 12:55:20 CST 2005
On Mon, 2005-03-28 at 13:50 -0500, John Richard Moser wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
>
> Arjan van de Ven wrote:
> >>As I understand, PT_GNU_STACK uses a single marking to control whether a
> >>task gets an executable stack and whether ASLR is applied to the
> >>executable.
> >
> >
> > you understand wrongly.
> >
> > PT_GNU_STACK just sets the exec permission for the stack (and the heap
> > now mirrors the stack). Nothing more nothing less.
> >
>
> So then this would be slightly more useful than I had previously
> thought, bringing control over the randomization as well?
actually Linus was really against adding non-related things to this
flag. And I think he is right...
Now.. do you have any examples of when you want a binary marked for no-
randomisation ?? (eg something the setarch flag won't fix/won't be good
enough for)
More information about the ubuntu-hardened
mailing list