> I had a few minutes today to try an experiment, and I'm afraid >the idea of having ld always generate a PT_SUNWSTACK is a non-starter. > >The problem is that it overrides the behavior of 'set noexec_user_stack=1' >in /etc/system, and can therefore quietly allow programs that would >not previously been able to execute on the stack do so. >
Thanks for this investigation. There is another issue we haven't explored is the use a system call; there's a sysconf(_SC_STACK_PROT) but there's no way to set in on the fly. If we create a function to change it on the fly, we could make a LD_PRELOAD object which enforce it. The current mapped pages would not be protected but threadstacks and additional pages would be rw-. Casper _______________________________________________ opensolaris-discuss mailing list opensolaris-discuss@opensolaris.org
