Re: Non-executable stack

From: db (db_at_traceroute.dk)
Date: 10/27/05

  • Next message: Colin Percival: "Re: Is the server portion of freebsd-update open source?" 
    To: Jimmy Scott <jimmy@inet-solutions.be>, freebsd-security@freebsd.org
Date: Thu, 27 Oct 2005 20:17:02 +0000

    On Thursday 27 October 2005 19:58, you wrote:
    > > Ok thanks, but I was looking for a kernel level patch. Btw which ports
    > > will break?
    >
    > I did not keep a list, but as far as I remember, the 'pure-pw' binary
    > from pure-ftpd was the last thing that failed. Because it was not
    > visible in first place (the port builded fine), I decided the risk of
    > breaking things without noticing it was not worth it.

    Ok, I was planing on using pure-ftpd.

    > I don't mean that it's a bad thing, but it will cost you some time to
    > find the bugs, report the bugs and get them fixed. And if you are
    > willing to use it in a production environment, you have to fully test
    > the software eacht time you are upgrading to be sure things will not
    > break. It's also not officially supported as far as I know.

    I'm not a kernel hacker and only have access to ia32, so I can't help develop
    or test it, but I hope someone with the right skills and means also think
    it's about time we give the admins and users the option of a non-executable
    stack (and heap). If I can help in any way I will. Maybe my next computer
    will be an AMD64, I think it must be the cheapest of the platforms with
    hardware support for execute and read permission distinction on memory?

    Best regards
    db
    _______________________________________________
    freebsd-security@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-security
    To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

  • Next message: Colin Percival: "Re: Is the server portion of freebsd-update open source?"