On 10/20/10 3:39 AM, casper....@sun.com wrote:
I had a few minutes today to try an experiment, and I'm afraid the idea of having ld always generate a PT_SUNWSTACK is a non-starter. The problem is that it overrides the behavior of 'set noexec_user_stack=1' in /etc/system, and can therefore quietly allow programs that would not previously been able to execute on the stack do so.Thanks for this investigation. There is another issue we haven't explored is the use a system call; there's a sysconf(_SC_STACK_PROT) but there's no way to set in on the fly. If we create a function to change it on the fly, we could make a LD_PRELOAD object which enforce it. The current mapped pages would not be protected but threadstacks and additional pages would be rw-. Casper
Yet another possibility would be for ld to issue an extra PT_NULL program header, rather than a PT_SUNWSTACK. PT_NULL is a no-op, and would not alter behavior, but elfedit can be later be used to turn it into something else, such as PT_SUNWSTACK. - Ali _______________________________________________ opensolaris-discuss mailing list opensolaris-discuss@opensolaris.org
