Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S266218AbUFIRPZ (ORCPT ); Wed, 9 Jun 2004 13:15:25 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S266219AbUFIRPZ (ORCPT ); Wed, 9 Jun 2004 13:15:25 -0400 Received: from mail.dif.dk ([193.138.115.101]:53993 "EHLO mail.dif.dk") by vger.kernel.org with ESMTP id S266218AbUFIRPS (ORCPT ); Wed, 9 Jun 2004 13:15:18 -0400 Date: Wed, 9 Jun 2004 19:14:33 +0200 (CEST) From: Jesper Juhl To: Robert White Cc: "'Ingo Molnar'" , "'Christoph Hellwig'" , "'Mike McCormack'" , linux-kernel@vger.kernel.org Subject: RE: WINE + NX (No eXecute) support for x86, 2.6.7-rc2-bk2 In-Reply-To: Message-ID: References: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 904 Lines: 22 On Tue, 8 Jun 2004, Robert White wrote: > I would think that having an easy call to disable the NX modification would be both > safe and effective. That is, adding a syscall (or whatever) that would let you mark > your heap and/or stack executable while leaving the new default as NX, is "just as > safe" as flagging the executable in the first place. > Just having the abillity to turn protection off opens the door. If it is possible to turn it off then a way will be found to do it - either via buggy kernel code or otherwhise. Only safe approach is to have it enabled by default and not be able to turn it off IMHO. -- Jesper Juhl - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/