Date: Thu, 3 May 2012 12:09:27 +0800 From: Eugene Teo <eugeneteo@...il.com> To: Solar Designer <solar@...nwall.com> Cc: owl-dev@...ts.openwall.com, Petr Matousek <pmatouse@...hat.com> Subject: Re: [GSoC] featues to port On Thu, May 3, 2012 at 12:17 AM, Solar Designer <solar@...nwall.com> wrote: > Vasily, Eugene, Petr, all - > > On Wed, May 02, 2012 at 07:28:06PM +0400, Vasily Kulikov wrote: > > On Tue, May 01, 2012 at 08:17 +0400, Solar Designer wrote: > > > Specifically, we want better support for exec_shield enforcing mode. > > > RHEL5/6 kernels already support exec_shield=2 for this, but glibc would > > > do an mprotect() +x anyway - so we were considering a way to inform > > > glibc of this setting in the kernel, and indeed we'd need to patch > glibc > > > to recognize that. Specifically, my suggestion was to use AT_FLAGS. > > > > I agree it can be AT_FLAGS. But is it convenient for RH folks? > > Eugene, Petr - any comments? > > Vasily - maybe locate and post some links to most-relevant messages from > kernel-hardening to help Eugene and Petr consider this? > I would prefer that we file a bug for this one, and post the information there. Let me know the bug #.. Take note that we are extremely busy of late, so our replies may delay.... Eugene Content of type "text/html" skipped
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.