Re: [announce] [patch] NX (No eXecute) support for x86, 2.6.7-rc2-bk2

[Bill Davidsen]

Ulrich Drepper wrote:
> Linus Torvalds wrote:
>
>
> > If things are really that good, why are we even worrying about this?
> >
> > It sounds like we should just have NX on by default even for executables
> > that don't have any NX info records,
>
>
> This is possible in one of the modes the FC kernel supports but not a
> good default.
>
> While most of the code we ship has no problems, 3rd party code is a
> completely different story.  Most of the time this code is not as
> cleanly written as the (cleaned-up) code we ship.  If anything, you can
> announce your intention to change the default in a few years and urge
> people to clean up their code.  If you want the maximum protection now
> go with Ingo's exec-shield patch and the /proc/sys/kernel/exec-shield
> entry which can be set to 2 to enable the strict mode.  That's certainly
> the best solution for edge servers but not for application servers
> running lots of dubious 3rd party code.
I have complained about breaking existing programs many times, but in 
this case I think the default should be no exec on all user writable 
data, and let the admin relax the security as needed. Or at least make a 
really obnoxious whine default, so people will know they have to deal 
with what's coming in some (near) future release.

And this should be noted at the top of the ChangeLog for versions where 
it changes, please! This will bite people, I just think it's needed to 
keep Linux the most secure o/s around. Yes, I know about openBSD...

--
   -bill davidsen (davidsen@xxxxxxx)
"The secret to procrastination is to put things off until the
 last possible moment - but no longer"  -me
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/