On Tue, 2019-04-02 at 15:31 -0700, Matthew Garrett wrote: > On Fri, Mar 29, 2019 at 5:50 AM Igor Zhbanov <i.zhbanov@xxxxxxxxxxxx> wrote: > > I want to be sure that no unsigned code page could be executed. So exploits > > could only be of ROP kind and not being able to download any extra code > > from their servers. That's why I found that disabling of anonymous executable > > pages could be useful for that (as well as disabling of making executable > > pages writable to modify already mapped code). In conjunction with IMA it > > should guarantee that no untrusted code could be executed. > > Remember that many interpreted languages allow execution of code > provided to them on the command line (eg, python -c) and also grant > access to arbitrary syscalls, so there's still no guarantee that > you're only executing trusted code. Interpreters are a known concern, as Yves-Alexis Perez pointed out in his LSS-2018 Europe talk[1]. Mimi [1] https://events.linuxfoundation.org/wp-content/uploads/2017/12/Linu x-Kernel-Security-Contributions-by-ANSSI-Yves-Alexis-Perez-ANSSI.pdf
