On Sun, Feb 26, 2017 at 02:52:39PM +0100, Kamil Rytarowski wrote: > Can we have something like MAP_NOMPROTECT? Something like it would be > used to mmap(2) RWX region: > > void *mapping = mmap(NULL, rounded_size, PROT_READ | PROT_WRITE | > PROT_EXEC, MAP_ANON | MAP_PRIVATE | MAP_NOMPROTECT, -1, 0); > > Are doubled mappings more secure than this? >
what pax mprotect does is silently turn RWX mapping to RW.
