From: Jakub Jelinek <jakub@redhat.com>
To: davidm@hpl.hp.com
Cc: Ulrich Drepper <drepper@redhat.com>, linux-kernel@vger.kernel.org
Subject: Re: Non-Exec stack patches
Date: Wed, 24 Mar 2004 02:28:40 -0500 [thread overview]
Message-ID: <20040324072840.GK31589@devserv.devel.redhat.com> (raw)
In-Reply-To: <16481.13780.673796.20976@napali.hpl.hp.com>
On Tue, Mar 23, 2004 at 11:16:36PM -0800, David Mosberger wrote:
> I'm not following you on the "get ld.so handling free" part. How is
> that handling free?
What I meant is that it is already written and tested.
> Actually, that's something that worries me. Somebody just needs to
> succeed in loading any shared object with the right PT_GNU_STACK
> header and then the entire program will be exposed to the risk of a
> writable stack. On ia64, I just don't see any need to ever implicitly
> turn on execute-permission on the stack, so why allow this extra
> backdoor?
What kind of backdoor is it? If you dlopen untrusted shared libraries
into your program you have far bigger problem than executable
stack (you can execute any code it wants in its constructors).
If there is a shared library which needs executable stack for its use
(on !IA64 !PPC64 this is e.g. any library which takes address of
a nested function and passes it to some other function and/or stores
it into some variable which cannot be optimized out, on IA64 or PPC64
this is of course much rarer, but it is still possible some language
interpreter or something builds code on the fly on the stack).
Jakub
next prev parent reply other threads:[~2004-03-24 7:31 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-03-23 23:12 Non-Exec stack patches Kurt Garloff
2004-03-23 23:22 ` Ingo Molnar
2004-03-23 23:49 ` Andrew Morton
2004-03-24 0:21 ` Kurt Garloff
2004-03-24 0:38 ` David Mosberger
2004-03-24 1:20 ` Ulrich Drepper
2004-03-24 1:41 ` David Mosberger
2004-03-24 2:01 ` Ulrich Drepper
2004-03-24 7:09 ` David Mosberger
2004-03-24 7:00 ` Jakub Jelinek
2004-03-24 7:16 ` David Mosberger
2004-03-24 7:28 ` Jakub Jelinek [this message]
2004-03-24 7:45 ` David Mosberger
2004-03-24 16:29 ` John Reiser
2004-03-24 17:12 ` David Mosberger
2004-03-24 17:24 ` Jakub Jelinek
2004-03-24 18:01 ` David Mosberger
2004-03-24 19:02 ` John Reiser
2004-03-24 19:18 ` David Mosberger
2004-03-24 0:41 ` Andrew Morton
2004-03-24 0:41 ` Ingo Molnar
2004-03-24 10:53 ` Kurt Garloff
[not found] <1D3lO-3dh-13@gated-at.bofh.it>
[not found] ` <1D3YZ-3Gl-1@gated-at.bofh.it>
2004-03-24 6:01 ` Andi Kleen
2004-03-24 10:23 ` Stefan Smietanowski
2004-03-24 11:27 ` Andi Kleen
2004-03-24 22:03 ` Kurt Garloff
[not found] <20040324002149.GT4677@tpkurt.garloff.de.suse.lists.linux.kernel>
[not found] ` <16480.55450.730214.175997@napali.hpl.hp.com.suse.lists.linux.kernel>
[not found] ` <4060E24C.9000507@redhat.com.suse.lists.linux.kernel>
[not found] ` <16480.59229.808025.231875@napali.hpl.hp.com.suse.lists.linux.kernel>
[not found] ` <20040324070020.GI31589@devserv.devel.redhat.com.suse.lists.linux.kernel>
[not found] ` <16481.13780.673796.20976@napali.hpl.hp.com.suse.lists.linux.kernel>
[not found] ` <20040324072840.GK31589@devserv.devel.redhat.com.suse.lists.linux.kernel>
[not found] ` <16481.15493.591464.867776@napali.hpl.hp.com.suse.lists.linux.kernel>
[not found] ` <4061B764.5070008@BitWagon.com.suse.lists.linux.kernel>
[not found] ` <16481.49534.124281.434663@napali.hpl.hp.com.suse.lists.linux.kernel>
[not found] ` <20040324172454.GP31589@devserv.devel.redhat.com.suse.lists.linux.kernel>
2004-03-24 17:49 ` Andi Kleen
2004-03-24 17:54 ` Jakub Jelinek
-- strict thread matches above, loose matches on Subject: below --
2004-04-14 7:28 Siddha, Suresh B
2004-04-14 8:23 ` Jamie Lokier
2004-04-14 9:47 ` Jamie Lokier
2004-04-14 18:30 ` Kurt Garloff
2004-04-14 20:54 ` Jeff Dike
2004-04-14 8:45 Siddha, Suresh B
2004-04-14 9:38 ` Jamie Lokier
2004-04-14 19:14 Siddha, Suresh B
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20040324072840.GK31589@devserv.devel.redhat.com \
--to=jakub@redhat.com \
--cc=davidm@hpl.hp.com \
--cc=drepper@redhat.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox