Re: how to determine if the noexec stack is defined by an application

2007-06-29 Thread Arjan van de Ven
On Fri, 2007-06-29 at 18:21 -0700, Florin Andrei wrote: > Arjan van de Ven wrote: > >> But it's running a Web service which is a combination of C code and > >> Tomcat/Java. I have no clue how to determine which portions specify a > >> noexec stack and which don't. > > > > like this: > > > > $ e

Re: how to determine if the noexec stack is defined by an application

2007-06-29 Thread Florin Andrei
Arjan van de Ven wrote: But it's running a Web service which is a combination of C code and Tomcat/Java. I have no clue how to determine which portions specify a noexec stack and which don't. like this: $ eu-readelf -l /bin/true | grep STACK GNU_STACK 0x00 0x 0x 0x

Re: how to determine if the noexec stack is defined by an application

2007-06-29 Thread Arjan van de Ven
On Sat, 2007-06-30 at 00:41 +0200, Andreas Schwab wrote: > Arjan van de Ven <[EMAIL PROTECTED]> writes: > > > (all others default to executable stack) > > Except ia64. for ia64 it depends on the personality actually .. just to make it more complex. -- if you want to mail me at work (you don't)

Re: how to determine if the noexec stack is defined by an application

2007-06-29 Thread Andreas Schwab
Arjan van de Ven <[EMAIL PROTECTED]> writes: > (all others default to executable stack) Except ia64. Andreas. -- Andreas Schwab, SuSE Labs, [EMAIL PROTECTED] SuSE Linux Products GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany PGP key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4

Re: how to determine if the noexec stack is defined by an application

2007-06-29 Thread Arjan van de Ven
On Sat, 2007-06-30 at 00:15 +0200, Andreas Schwab wrote: > Arjan van de Ven <[EMAIL PROTECTED]> writes: > > > like this: > > > > $ eu-readelf -l /bin/true | grep STACK > > GNU_STACK 0x00 0x 0x 0x00 0x00 RW 0x4 > > > > > > (replace /bin/true with the binary or li

Re: how to determine if the noexec stack is defined by an application

2007-06-29 Thread Andreas Schwab
Arjan van de Ven <[EMAIL PROTECTED]> writes: > like this: > > $ eu-readelf -l /bin/true | grep STACK > GNU_STACK 0x00 0x 0x 0x00 0x00 RW 0x4 > > > (replace /bin/true with the binary or library you want to check) > > if it says "RW" like here, it'll have non-exec

Re: how to determine if the noexec stack is defined by an application

2007-06-29 Thread Arjan van de Ven
> But it's running a Web service which is a combination of C code and > Tomcat/Java. I have no clue how to determine which portions specify a > noexec stack and which don't. > > In case it turns out some portions do not specify a noexec stack, my > next question is how to get the application t

how to determine if the noexec stack is defined by an application

2007-06-29 Thread Florin Andrei
I'm reading Ingo's NX quick start document: http://people.redhat.com/mingo/nx-patches/QuickStart-NX.txt Quote: "If an application defines a noexec stack then the kernel will enforce this executability, and all attempts to execute on the stack will be prevented by the hardware." My question i