Thomas Dullien wrote:
>
> > It would appearat first glance that RSX uses the same technique as PAX.
> > Naturally, the PAX and RSX teams should confer to make a definitive
> > statement on similarities and differences.
>
> Just for the record, the technique bears no similarity. PAX provides
> real, non-executable PAGES on x86 -- RSX remaps the heap segments
> outside of the code segment limit.
To be more precise: RSX does _not_ provide non-exec stack, heap and so
on but the 'complement' speak executable code area. The segments which
are remapped are _not_ the heap(s), speak data segments, but the code
(marked as rx-p) areas.
The basic idea while writing RSX was not to provide some heavy artillery
but a small, very low penalty kernel module stopping not 100 but maybe
95% of wide spread local & remote attacks towards Linux machines.
There cannot be a doubt that installing the module to protect few but
endangered applications (like sshd, rshd, rpc) improves the system
security.
sincerely,
Paul Starzetz
