>> > In an ideal world people would write good code, and we could allow the stack
>> > to be executable. But it's not an ideal world, and admin's don't have the
>> > time to audit every daemon they run.
>>
>> In the real world, daemons get written carefully and are audited. If they
>> aren't, there are plenty of other attacks available (stack smashing is just
>> _one_ way to take advantage of a poorly written program).
> The do get tested.. but without the ability to deny stack execution, you
> may not detect the failure.
You do NOT need this to detect bug. If you'll smash return code with garbage
you'll get core dump with almost 100% probability. With stack execution or
without stack execution. Stack execution is needed to exploit bug, not to
detect it.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/