On Fri, Jul 06, 2007 at 03:24:20PM +0200, Segher Boessenkool wrote:
> > Personally, I'd rather stick the VM_READ in there, partially for
> > selfish reasons (our root filesystems are based on older glibcs),
> > and because it seems a little too soon to deprecate glibc 2.3,
>
> Oh I don't know, can't we just deprecate glibc completely? ;-)

I wish. :-)

> > but also because in the absence of hardware support, the VM_EXEC
> > check will be nondeterministic, kicking in only when the first
> > fault for a page is to execute.
>
> I don't think that is a big concern.

Well, it means that leaving VM_READ out of the check (except where the
hardware PTE has an exec bit) isn't really buying us anything
security-wise (especially since the primary reason for no-exec
protection is to avoid code injections via stack overflow, and those
pages will usually already be present), so it doesn't hurt much to let
things keep working.

At the least, I'd like it to keep working for a few more kernel releases
(with a warning printed when a VM_EXEC-only test would have failed), so
people have time to upgrade glibc.

-Scott
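A constructed model of the behaviour discussed above, added here as an example and not code from this thread or from the kernel. It assumes a core whose PTEs carry no execute permission bit, so an instruction fetch can only be checked when it takes the first fault on a not-yet-present page; the flag values and the `strict`/lenient switch are illustrative, not the kernel's.

```c
#include <stdbool.h>
#include <stdio.h>

/* Illustrative flag values, not the kernel's. */
#define VM_READ 0x1
#define VM_EXEC 0x4

struct page { unsigned vm_flags; bool present; };
enum access_kind { ACC_READ, ACC_EXEC };
struct outcome { bool allowed; bool would_warn; };

/* One access to a page on hardware with no PTE exec bit. Only an access to a
 * page that is not yet present faults, so only then can the handler look at
 * the VMA flags. strict=true is the VM_EXEC-only test; strict=false is the
 * lenient VM_READ-or-VM_EXEC test, which records when strict would have
 * refused the access (the point where the kernel would print its warning). */
struct outcome try_access(struct page *p, enum access_kind a, bool strict)
{
    struct outcome o = { true, false };
    if (p->present)
        return o;                 /* no fault taken: no check happens at all */
    if (a == ACC_READ) {
        if (!(p->vm_flags & VM_READ)) { o.allowed = false; return o; }
    } else {
        bool exec_ok = (p->vm_flags & VM_EXEC) != 0;
        bool lenient_ok = (p->vm_flags & (VM_READ | VM_EXEC)) != 0;
        if (strict ? !exec_ok : !lenient_ok) { o.allowed = false; return o; }
        if (!exec_ok) o.would_warn = true;
    }
    p->present = true;            /* fault serviced; later accesses do not fault */
    return o;
}

int main(void)
{
    /* Same read-only page, VM_EXEC-only check: the result depends on order. */
    struct page first_exec = { VM_READ, false }, first_read = { VM_READ, false };
    printf("exec first: %s\n", try_access(&first_exec, ACC_EXEC, true).allowed ? "allowed" : "refused");
    try_access(&first_read, ACC_READ, true);
    printf("read then exec: %s\n", try_access(&first_read, ACC_EXEC, true).allowed ? "allowed" : "refused");
    return 0;
}
```

The two `printf` lines show the nondeterminism Scott describes: the same mapping refuses or permits execution depending only on which access faulted first.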