On Fri, Jun 18, 2010 at 04:00:12AM -0700, Roland McGrath wrote: > Do we care about the exec-shield=2 configuration? Does anybody use that? I'd be surprised to hear that anyone changes that sysctl these days. > In the execshield patch we have in Fedora at this point, the > (exec_shield & 2) special cases are the only arch-independent > changes that are not fairly clean and isolated. > > The patch puts a comment in sysctl.c about several bit flags in > exec_shield, but actually only &2 and !=0 are really meaningful > in our code. If we could get rid of exec_shield&2 then it would > be down to just exec_shield!=0 and as of now that already only > affects NX-emulation in fact. > > If someone does want a behavior akin to exec_shield&2 that could > be done cleanly (and upstreamed) with a saner sysctl or two. > What it does now is a little incoherent. Sounds like a good idea to me. Dave _______________________________________________ kernel mailing list kernel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/kernel
