Non-executable stack
db
db at traceroute.dk
Thu Oct 27 13:17:03 PDT 2005
On Thursday 27 October 2005 19:58, you wrote:
> > Ok thanks, but I was looking for a kernel level patch. Btw which ports
> > will break?
>
> I did not keep a list, but as far as I remember, the 'pure-pw' binary
> from pure-ftpd was the last thing that failed. Because it was not
> visible in first place (the port builded fine), I decided the risk of
> breaking things without noticing it was not worth it.
Ok, I was planing on using pure-ftpd.
> I don't mean that it's a bad thing, but it will cost you some time to
> find the bugs, report the bugs and get them fixed. And if you are
> willing to use it in a production environment, you have to fully test
> the software eacht time you are upgrading to be sure things will not
> break. It's also not officially supported as far as I know.
I'm not a kernel hacker and only have access to ia32, so I can't help develop
or test it, but I hope someone with the right skills and means also think
it's about time we give the admins and users the option of a non-executable
stack (and heap). If I can help in any way I will. Maybe my next computer
will be an AMD64, I think it must be the cheapest of the platforms with
hardware support for execute and read permission distinction on memory?
Best regards
db
More information about the freebsd-security
mailing list