Security benefits of noexec?

Posted Mar 10, 2008 23:24 UTC (Mon) by nix (subscriber, #2304)
In reply to: Security benefits of noexec? by epa
Parent article: Secure temporary files in Linux (ZDNet India)

It's trivial to do with mmap (PROT_EXEC). Just look at the implementation 
of the dynamic linker, which has to do all of this stuff anyway.


mmap and PROT_EXEC

Posted Mar 11, 2008 0:00 UTC (Tue) by jreiser (subscriber, #11027)

mmap() and mprotect() involving PROT_EXEC are not necessarily trivial when Security Enhanced
Linux (SELinux) is present.  In particular, in some environments it is reasonable to attempt
to enforce the policy: "Any instruction ever executed must be fetched from the unchanging
PROT_EXEC pages of the following explicit list of files."  Accurate implementation of this
policy is a successful defense against many exploits.
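
Added example, not part of the original comments and not SELinux code: a point-in-time audit of the policy quoted above, run over a /proc/<pid>/maps listing, that reports executable mappings which are writable, not file-backed, backed by a deleted file, or backed by a file outside an explicit list. The sample listing, the allowlist and the function name are constructed for illustration; this only reports, it does not enforce anything the way a kernel policy does.

```python
import re

# Constructed /proc/<pid>/maps excerpt (not captured from a real system).
SAMPLE_MAPS = """\
00400000-0040b000 r-xp 00000000 08:01 131090 /bin/cat
0060a000-0060b000 rw-p 0000a000 08:01 131090 /bin/cat
7f1c2a000000-7f1c2a1b0000 r-xp 00000000 08:01 262200 /lib/x86_64-linux-gnu/libc.so.6
7f1c2a400000-7f1c2a401000 rwxp 00000000 00:00 0
7f1c2a500000-7f1c2a502000 r-xp 00000000 00:21 4711 /tmp/payload.so
7f1c2a600000-7f1c2a601000 r-xp 00000000 08:01 131999 /usr/lib/libfoo.so (deleted)
7ffd5c1e0000-7ffd5c201000 rw-p 00000000 00:00 0 [stack]
7ffd5c3fe000-7ffd5c400000 r-xp 00000000 00:00 0 [vdso]
"""

# Hypothetical "explicit list of files" allowed to supply instructions.
ALLOWED = {"/bin/cat", "/lib/x86_64-linux-gnu/libc.so.6"}
# Kernel-provided executable regions that never have a backing file.
KERNEL_REGIONS = {"[vdso]", "[vsyscall]"}

MAPS_RE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+) ([r-][w-][x-][ps]) ([0-9a-f]+) "
    r"([0-9a-f]+:[0-9a-f]+) (\d+)\s*(.*)$")

def audit_exec_mappings(maps_text, allowed_files):
    """Return (start_address, path, reasons) for each policy violation."""
    findings = []
    for line in maps_text.splitlines():
        m = MAPS_RE.match(line)
        if not m:
            continue
        start, _end, perms, _off, _dev, _inode, path = m.groups()
        if "x" not in perms or path in KERNEL_REGIONS:
            continue  # only executable, non-kernel mappings matter here
        reasons = []
        if "w" in perms:
            reasons.append("writable and executable")  # pages can change
        if not path or path.startswith("["):
            reasons.append("not file-backed")  # anonymous, stack or heap
        elif path.endswith(" (deleted)"):
            reasons.append("backing file deleted or replaced")
        elif path not in allowed_files:
            reasons.append("file not on allowlist")
        if reasons:
            findings.append((start, path or "<anonymous>", reasons))
    return findings

if __name__ == "__main__":
    for finding in audit_exec_mappings(SAMPLE_MAPS, ALLOWED):
        print(finding)
```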

mmap and PROT_EXEC

Posted Mar 11, 2008 12:36 UTC (Tue) by nix (subscriber, #2304)

Yes, SELinux can plug this hole (although it might be annoying to do so).