-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
> On Tue, 2005-03-29 at 14:07 -0500, John Richard Moser wrote:
>
>>-BEGIN PGP SIGNED MESSAGE-
[...]
>>/me shrugs. It's a security blanket for him mostly; he fears automagic
>>security maintainence.
>
>
> who is "
On Tue, 2005-03-29 at 14:07 -0500, John Richard Moser wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
>
>
> Arjan van de Ven wrote:
> >>>H you either need an executable stack or you don't. Can you explain
> >>>why you think there is a strong advantage for a "neutral" setting on
>
On Tue, 2005-03-29 at 03:29 -0500, John Richard Moser wrote:
> >>MF_PAX_PAGEEXEC
> >> ON: ET_EXEC enforced. Stack NX. Heap NX. Code PROT_EXEC.
> >> OFF: Stack and heap default to +X
> >> The PAGEEXEC flag will basically mandate the automated non-executable
> >> setting for the stack and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
John Richard Moser wrote:
>
>
> Arjan van de Ven wrote:
>
[...]
Three more notes, then I'll sleep. These notes won't include the two
paragraph long explaination of falling back to PT_GNU_STACK if
PT_PAX_FLAGS isn't there; compatibility has been
On Tue, 2005-03-29 at 02:53 -0500, John Richard Moser wrote:
> Right now, my rough sketch is:
>
> MF_PAX_PAGEEXEC
> ON: ET_EXEC enforced. Stack NX. Heap NX. Code PROT_EXEC.
> OFF: Stack and heap default to +X
> The PAGEEXEC flag will basically mandate the automated non-executable
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
>>You need to consider that in the end I'd need PT_GNU_STACK to do
>>everything PaX wants
>
>
> why?
> Why not have independent flags for independent things?
> That way you have both cleanness of design and you don't break a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Arjan van de Ven wrote:
>>You need to consider that in the end I'd need PT_GNU_STACK to do
>>everything PaX wants
>
>
> why?
> Why not have independent flags for independent things?
> That way you have both cleanness of design and you don't break a
>
> You need to consider that in the end I'd need PT_GNU_STACK to do
> everything PaX wants
why?
Why not have independent flags for independent things?
That way you have both cleanness of design and you don't break anything.
> The point is
> to not break anything, yet to still make things easie
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Brandon Hale wrote:
>>>actually Linus was really against adding non-related things to this
>>>flag. And I think he is right...
>>>
>
>
> Makes sense to me.
>
>
[...]
>
> IMO you have this backwards, John. Rather than having the majority (ES,
> > actually Linus was really against adding non-related things to this
> > flag. And I think he is right...
> >
Makes sense to me.
> I'm not interested in altering and hacking up PT_GNU_STACK; PT_PAX_FLAGS
> already supplies enough to do what I want. My goal is to have
> PT_PAX_FLAGS code in m
10 matches
Mail list logo
