Date: Mon, 20 Apr 2020 23:17:51 +0200 From: Szabolcs Nagy <nsz@...t70.net> To: Nicholas Piggin <npiggin@...il.com> Cc: Rich Felker <dalias@...c.org>, Nicholas Piggin via Libc-alpha <libc-alpha@...rceware.org>, libc-dev@...ts.llvm.org, linuxppc-dev@...ts.ozlabs.org, musl@...ts.openwall.com Subject: Re: Powerpc Linux 'scv' system call ABI proposal take 2 * Nicholas Piggin <npiggin@...il.com> [2020-04-20 12:08:36 +1000]: > Excerpts from Rich Felker's message of April 20, 2020 11:29 am: > > Also, allowing patching of executable pages is generally frowned upon > > these days because W^X is a desirable hardening property. > > Right, it would want be write-protected after being patched. "frowned upon" means that users may have to update their security policy setting in pax, selinux, apparmor, seccomp bpf filters and who knows what else that may monitor and flag W&X mprotect. libc update can break systems if the new libc does W&X.
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.