LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Relicensing and rebasing LibreOffice

LWN.net Weekly Edition for May 24, 2012

A uTouch architecture introduction

LWN.net Weekly Edition for May 17, 2012

Tasting the Ice Cream Sandwich

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

"Exec Shield" for Linux

"Exec Shield" for Linux

Posted May 2, 2003 21:06 UTC (Fri) by welinder (guest, #4699)
Parent article: "Exec Shield" for Linux

And in the process, you probably kill

  • wine, which needs to link some DLLs at certain addresses
  • gdb, which needs (needed?) to put some code into the child when using "print" for calling functions in the child.
  • ...
There are better ways, IMHO. For example the modified gccs out there that protect the return address with canaries.

(Log in to post comments)

"Exec Shield" for Linux

Posted May 2, 2003 21:14 UTC (Fri) by john54 (guest, #10988) [Link]

As far as I can see, it should not be a problem, as long as Wine creates those DLL areas as PROT_EXEC - which it probably already does. Alot of other code would break if that were not possible - such as the Linux dynamic linker.

"Exec Shield" for Linux

Posted May 3, 2003 4:24 UTC (Sat) by Gabe (guest, #10514) [Link]

Does it matter if talking about servers? Desktop security takes a back seat to server security.

"Exec Shield" for Linux

Posted May 3, 2003 6:26 UTC (Sat) by ctg (subscriber, #3459) [Link]

Think "application server". You might be running Windows applications on
your server and distribute them via X to user's screens. Now if you were
in a school/college/fairly hostile environment, then you might be
interested in this sort of security.

Copyright © 2012, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds