On Sun, 2005-02-06 at 09:08 -0800, Linus Torvalds wrote: > > On Sun, 6 Feb 2005, Andi Kleen wrote: > > > > Force READ_IMPLIES_EXEC for all 32bit processes to fix > > the 32bit source compatibility. > > Andi, stop this. We're _not_ going to say "32-bit executables don't need > PROT_EXEC. The executables would need to be marked broken per-executable, > not some kind of "we don't do this globally" setting.
marking PT_GNU_STACK as RWE would be an acceptable marking imo; one can insert such a marking post build (via the execstack tool), and during the build with either an addition to the cflags or via a one line code addition. In addition there are runtime markings; you can use setarch to start an application with READ-IMPLIES-EXEC set (although you can't do that for setuid binaries for obvious reasons) Note that these techniques all exist today. The only issue is that the current code doesn't do the RWE->READIMPLIESEXEC binding, which my patch fixed. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
