On 12/04/2023 06:13, Trent W. Buck wrote:
FYI,
systemd's MemoryDenyWriteExecute=yes breaks "git grep" because of pcre2jit.
An easy test command is something like this:
$ journalctl --user -fn0 & # so you see the error
$ systemd-run --property=MemoryDenyWriteExecute=yes --user git
FYI,
systemd's MemoryDenyWriteExecute=yes breaks "git grep" because of pcre2jit.
An easy test command is something like this:
$ journalctl --user -fn0 & # so you see the error
$ systemd-run --property=MemoryDenyWriteExecute=yes --user git -C
/srv/vcs/kb grep -Fwi mutt
--error-->
tags + moreinfo
quit
Hi,
Instead, it is possible to enable a different allocator that uses
separate mappings for the same allocation, one with read/write and one
with read/executable mappings, the placement of which is randomized in
the process's virtual address space, making abuse much
Source: pcre2
Version: 10.36-2
Severity: important
X-Debbugs-Cc: a...@kernel.org
Dear Maintainer,
Currently, pcre2 is built in a mode where its JIT uses memory mappings
that are writable and executable at the same time, which is unsafe and
unnecessary.
Instead, it is possible to enable a
4 matches
Mail list logo