[ubuntu-hardened] 16.04 LTS: W^X detection - lack of a config options; X86_PTDUMP_CORE and DEBUG_WX
daniel curtis
sidetripping at gmail.com
Mon Jun 19 14:32:32 UTC 2017
Hello Seth
Thanks for an answer. I was surprised, that there is no W^X detection
related options (such as CONFIG_DEBUG_WX etc.) Mr Kees Cook mentioned about
this on his blog: "(...) added in v4.4 which performs a scan of memory at
boot time and yells loudly if unexpected memory protection are found." [1]
>> This configuration is set in our newer kernels.
I can get this configuration by installing kernel HWE/LTS Enablement Stacks
for 16.04.2 release, right?
Thanks, best regards.
____________________
[1]
https://outflux.net/blog/archives/2016/09/27/security-things-in-linux-v4-4/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20170619/b36d04ed/attachment.html>
More information about the ubuntu-hardened
mailing list