> On Thu, 18 Dec 1997, Martin von Loewis wrote:
>
> > Whether this is a good security implementation for Linux was subject
> > to heavy discussions; my feeling is that it is not. In any case, the
> > implementations presented so far had limitations. For example, they
> > break existing applications. I assume that there will be no such patch
> > made to Linux until these limitations are removed.
>
> Have you actually tried the patch and documented such breakage? I know
> numerous people using the patch, all of whom are extremely happy with it.
My understanding is that the current nonexec-stack patch works so well
because it cleverly disables itself when it detects code that will break.
Although this does make it compatible, it doesn't make it secure.
Solutions to these problems have been rumoured for Linux 2.3.X.
I believe that there were confirmed reports of applications that broke
using the /tmp patch; it is also not 'standard' POSIX behavior,
apparently. Discussion on this list seems to agree that a per-user /tmp
directory seems to be a better solution, and several implementation ideas
have been discussed. I expect this will be the ultimate solution
integrated into the kernel, as soon as we developers can agree on how
exactly this should work.
--Scott
@ @
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-oOO-(_)-OOo-=-=-=-=-=
C. Scott Ananian: cananian@lcs.mit.edu / Declare the Truth boldly and
Laboratory for Computer Science/Crypto / without hindrance.
Massachusetts Institute of Technology /META-PARRESIAS AKOLUTOS:Acts 28:31
-.-. .-.. .. ..-. ..-. --- .-. -.. ... -.-. --- - - .- -. .- -. .. .- -.
PGP key available via finger and from http://www.pdos.lcs.mit.edu/~cananian