|
|
Subscribe / Log in / New account

Re: [announce] [patch] NX (No eXecute) support for x86, 2.6.7-rc2-bk2

From:  Linus Torvalds <torvalds-AT-osdl.org>
To:  Ingo Molnar <mingo-AT-elte.hu>
Subject:  Re: [announce] [patch] NX (No eXecute) support for x86, 2.6.7-rc2-bk2
Date:  Wed, 2 Jun 2004 14:13:13 -0700 (PDT)
Cc:  linux-kernel-AT-vger.kernel.org, Andrew Morton <akpm-AT-osdl.org>, Andi Kleen <ak-AT-suse.de>, Arjan van de Ven <arjanv-AT-redhat.com>, "Siddha, Suresh B" <suresh.b.siddha-AT-intel.com>, "Nakajima, Jun" <jun.nakajima-AT-intel.com>



On Wed, 2 Jun 2004, Ingo Molnar wrote:
> 
> If the NX feature is supported by the CPU then the patched kernel turns
> on NX and it will enforce userspace executability constraints such as a
> no-exec stack and no-exec mmap and data areas. This means less chance
> for stack overflows and buffer-overflows to cause exploits.

Just out of interest - how many legacy apps are broken by this? I assume 
it's a non-zero number, but wouldn't mind to be happily surprised.

And do we have some way of on a per-process basis say "avoid NX because
this old version of Oracle/flash/whatever-binary-thing doesn't run with
it"?

		Linus
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/



to post comments


Copyright © 2004, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds