LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Interview: Kristen Carlson Accardi

LWN.net Weekly Edition for July 24, 2008

Tracing: no shortage of options

Interview: Wind River's John Bruggeman

LWN.net Weekly Edition for July 17, 2008

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Non-exec stack is better

Non-exec stack is better

Posted Mar 18, 2005 18:36 UTC (Fri) by BrucePerens (subscriber, #2510)
Parent article: Address space randomization in 2.6

For the stack, making stack pages non-executable is better. I think it works for everything but X86-32, intel left a protection bit out of the page design and the Solar Designer patch (which nobody likes either because it uses a segment) can still protect stacks on X86-32. Can anyone confirm if X86-64 has the protection bit?

Bruce

(Log in to post comments)

Non-exec stack is better

Posted Mar 19, 2005 5:25 UTC (Sat) by Han (guest, #28614) [Link]

http://www.bsdatwork.com/2003/08/13/essence_of_openbsd/

ORN: Two AMD Hammer (x86-64) boxes have been donated to the project so that OpenBSD will support this architecture. What are your thoughts about this processor? Is it better from a security standpoint than x86 (non-executable pages of memory, etc.)?

drahn: The Hammer implementation is much nicer in that it has a per-page execute bit; this allows W^X support with no special tricks. Other than this and a >32-bit address space, the machine is basically just a standard PC. OK, I have to admit that at the current time the fastest processors available are PCs (x86 based).

Copyright © 2008, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds
Powered by Rackspace Managed Hosting.