Re: [PATCH] [SECURITY] suid procs exec'd with bad 0,1,2 fds

Perry Harrington (pedward@sun4.apsoft.com)
Tue, 4 Aug 1998 13:32:08 -0700 (PDT)

> Also true.
>
> But I have yet another technical argument. It BREAKS the existing elf
> ABI's of all systems I know of.
>
> I have the 32-bit Sparc and 32-bit MIPS ELF specifications here for
> reference and both specify:
>
> "The stack segment has READ, WRITE, and EXECUTE permissions."
>

But what uses exec stacks, other than exploits?

I know that breaking certain specs is bad, but what if the perceived value
is worth more than full adherence to the spec?

> I don't have it handy, but I would not be surprised if the x86 ELF
> specs say the same thing. Someone can easily check this.
>
> Dean Gaudet made a reference to Solaris2.7 and the fact that they've
> turned off execute permission for the stack on Sparc. This is for
> 64-bit Sparc binaries covered on the new 64-bit V9 processor ABI.
> They did not turn off execution for the stack segment when existing
> 32-bit binaries run.
>
> Later,
> David S. Miller
> davem@dm.cobaltmicro.com

-- 
Perry Harrington       Linux rules all OSes.    APSoft      ()
email: perry@apsoft.com 			Think Blue. /\


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html