On Wed, 2005-03-30 at 20:52 -0500, John Richard Moser wrote:
> 3. I want control over the memory protections on the stack and heap.
> PT_GNU_STACK allows for an executable stack/heap. Is there a way for me
> to control this so that I can i.e. mandatorily make the stack/heap
> PROT_READ|PROT_WRITE and never PROT_EXEC? The only way I can see is to
> add a hook in load_elf_binary(). . . .
>
>
> In case anyone is wondering, as an exercise (but potentially as
> something I may aim at mainline), I'm trying to port some of the stuff
> from PaX into an LSM; particularly, the memory protection enhancements.
> As a proof of concept, I'm considering supporting PT_PAX_FLAGS from the
> module; but I'm also considering a security label. My concern with a
> security label is conflicting with SELinux and having issues with ReiserFS.

Have you looked at the execmem and execmod controls added to SELinux in
kernels >= 2.6.11? Look at the selinux_file_mmap and
selinux_file_mprotect hook functions and their shared helper function
file_map_prot_check.

As far as security labeling goes, you can easily start using your own
attribute name in the security namespace (e.g. security.pax) without any
conflict with SELinux, and reiserfs was recently fixed upstream to
interact well with security modules in dealing with security attributes.

-- 
Stephen Smalley <sds@private>
National Security Agency
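
The following user-space model is an added example, not part of the original message and not SELinux or PaX code: it sketches the kind of decision an mmap/mprotect hook pair makes for execmem-style and execmod-style controls. The struct names, fields and the `DENIED` constant are hypothetical, and the rules are a simplification of what the real hooks check.

```c
/* User-space model of an mmap/mprotect policy check (illustrative only). */
#include <stdbool.h>
#include <stdio.h>
#include <sys/mman.h>   /* PROT_READ, PROT_WRITE, PROT_EXEC */

#define DENIED (-13)    /* hypothetical; mirrors -EACCES */

/* Hypothetical per-task grants, e.g. derived from a security.pax label. */
struct task_policy { bool allow_execmem; bool allow_execmod; };

/* Hypothetical description of the mapping being created or changed. */
struct map_req {
    bool file_backed;   /* false: anonymous memory (heap, stack) */
    bool shared;        /* MAP_SHARED rather than MAP_PRIVATE */
    bool cow_modified;  /* private file pages already written to */
};

/* mmap time: executable memory that is anonymous, or private and writable. */
int check_mmap(const struct task_policy *p, const struct map_req *m, int prot)
{
    if (!(prot & PROT_EXEC))
        return 0;
    if (!m->file_backed || (!m->shared && (prot & PROT_WRITE)))
        return p->allow_execmem ? 0 : DENIED;
    return 0;
}

/* mprotect time: only a transition that adds PROT_EXEC needs review. */
int check_mprotect(const struct task_policy *p, const struct map_req *m,
                   int old_prot, int new_prot)
{
    if (!(new_prot & PROT_EXEC) || (old_prot & PROT_EXEC))
        return 0;
    /* Private file mapping that was written and now becomes executable. */
    if (m->file_backed && !m->shared && m->cow_modified && !p->allow_execmod)
        return DENIED;
    return check_mmap(p, m, new_prot);
}

int main(void)
{
    struct task_policy strict = { false, false };
    struct map_req heap = { false, false, false };
    /* Heap mapped read/write, then a later request to make it executable. */
    printf("heap RW mmap:     %d\n", check_mmap(&strict, &heap, PROT_READ | PROT_WRITE));
    printf("heap +X mprotect: %d\n",
           check_mprotect(&strict, &heap, PROT_READ | PROT_WRITE, PROT_READ | PROT_EXEC));
    return 0;
}
```
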
This archive was generated by hypermail 2.1.3 : Thu Mar 31 2005 - 05:10:37 PST