Date: Fri, 25 Sep 2020 22:49:37 +0200 From: Markus Wichmann <nullplan@....net> To: musl@...ts.openwall.com Subject: Re: SIGSEGV with TEXTREL On Fri, Sep 25, 2020 at 04:13:19PM -0400, Dominic Chen wrote: > On 9/25/2020 2:58 PM, Rich Felker wrote: > > large code model, (2) all security policies have to be > > turned off that prevent exec+write mappings for this to > > work at all which is not acceptable in many environments. > > I don't see how (2) applies. Both glibc and the previous patch only > remap text segments writable during relocation processing, and then > remap them back read-only immediately afterwards. If you're referring to > W^X, text segments don't need to be executable during relocation > processing either, so that can be avoided. > Some security mechanisms prevent mapping anything executable that has ever been writable. I believe SELinux can be set up this way, but I am not sure. Of course, this interferes with some interpreters, since it essentially prevents dynamic recompilation, but that is a specific use case users of SELinux might be willing to sacrifice. Ciao, Markus
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.