On Mon, 18 Aug 2003 pageexec@freemail.hu wrote: > > Anyways, on an i386 you can do W^X somewhat. Not as perfectly as you > > can on cpus that have a per-page X bit... > > You are wrong again, PaX provides perfect per-page non-executable pages > using segmentation (SEGMEXEC), there are no restrictions on the ordering > of data/code pages like in OpenBSD. > BTW: have anyone tried to talk wih Linus about implementing some PaX (or even GR) functionality in official Kernels? I know that the argument for not implementing Solar Designer's nonexecutable stack patch in official kernel was that it is easily bypassable, so what about PaX??? I hate seeing GOT and other segments rwx nowdays (while it's marked as r-x it IS executable). -- Mariusz Wołoszyn Internet Security Specialist, GTS - Internet Partners
