Re: Sabotaged PaXtest (was: Re: Patch 4/6 randomize the stack pointer)

[Peter Busser]

Hi!

> one thing that paxtest didn't get right in the 'kiddie' mode is that
> it still ran with an executable stack, that was not the intention but
> rather an oversight, it'll be fixed in the next release. still, this
> shouldn't leave you with a warm and fuzzy feeling about the security
> of intrusion prevention systems that 'pass' the 'kiddie' mode but fail
> the 'blackhat' mode, in the real life out there, only the latter matters
> (if for no other reason, then for natural evolution/adaptation of
> exploit writers).

I apologise for this bug. If someone had pointed this out in a clear and 
to-the-point kind of way, then this would have been fixed a long time ago.

Anyways, if anyone else has any suggestions, fixes, or special wishes for 
PaXtest (some exec-shield specific tests perhaps?), then please speak up now. 
I'd rather not bother this list again about PaXtest related issues.

Groetjes,
Peter.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/