On Wednesday 22 August 2012 18:17:37 Jeffrey Walton wrote: > The posture would have saved a number of folks from, for example, > Pidgin's latest rounds of Critical Vulnerabilities (memory corruption > and code execution). No-exec stacks and heaps would have reduced > many/most to an annoying UI problem (a call to abort()). bad example: pidgin doesn't require execstacks (i'm not sure it ever has), so that would have made 0 difference. no one does exec-heaps by default ... the code itself has to explicitly do this, and there's nothing the toolchain could have done to stop that (not that pidgin enables exec on memory returned by malloc afaik). only a kernel patch (such as PaX) which explicitly denies mprotect calls that try to enable exec & write bits simultaneously would have prevented this scenario proactively. in fact, very little to no packages request an executable stack by default. binary-only packages tend to be the only ones nowadays that do, and that's usually because the people producing the pkgs have broken code. -mike
Attachment:
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Autoconf mailing list Autoconf@xxxxxxx https://lists.gnu.org/mailman/listinfo/autoconf
