>On Fri, 12 Jun 1998, Dax Kelson wrote: >> A new feature in Solaris 2.6 is the ability to turn off executable stacks. >[...] >> Does anyone know how secure this implementation is? > >More importantly, does anyone know whether this breaks anything, like >early versions of Solar Designer's Linux patch did? The "protect_stack" script which implements this feature for 2.5[.1] does break JIT compilers for Java as it also protects all BSS pages. The 2.6 feature probably breaks gcc nested functions (when passed as arguments) and perhaps gcc objective C as both generate code on the stack. But I've heard no breakage reports on any major program; all reports I heard on protect_stack had to do with the data segment protection change. (Basically, I had no choice but to protect all ZFOD pages) The 2.6 feature is only supported on Ultra class and sun4m/sun4d systems; not on others, not en x86 either. I don't think x86 hardware supports the per-page protection bit required; you can only do it per-segment; this makes it impossible for programs to use mprotect() on the stack to get execute permission back. The 64 bit SPARC V9 ABI has removed the requirement for the stack to be executable; so the stack is not executable for 64 bit processes in Solaris 2.7. Casper
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:57:59 PDT