Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 25 Sep 2020 22:49:37 +0200
From: Markus Wichmann <nullplan@....net>
To: musl@...ts.openwall.com
Subject: Re: SIGSEGV with TEXTREL

On Fri, Sep 25, 2020 at 04:13:19PM -0400, Dominic Chen wrote:
> On 9/25/2020 2:58 PM, Rich Felker wrote:
> > large code model, (2) all security policies have to be
> > turned off that prevent exec+write mappings for this to
> > work at all which is not acceptable in many environments.
>
> I don't see how (2) applies. Both glibc and the previous patch only
> remap text segments writable during relocation processing, and then
> remap them back read-only immediately afterwards. If you're referring to
> W^X, text segments don't need to be executable during relocation
> processing either, so that can be avoided.
>

Some security mechanisms prevent mapping anything executable that has
ever been writable. I believe SELinux can be set up this way, but I am
not sure. Of course, this interferes with some interpreters, since it
essentially prevents dynamic recompilation, but that is a specific use
case users of SELinux might be willing to sacrifice.

Ciao,
Markus

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.