Date: Sat, 23 Jun 2001 18:07:33 -0700 (PDT)
From: Ed Alley
Message-Id: <200106240107.SAA00295@trevarno.llnl.gov>
To: questions@freebsd.org
Subject: execve() security question

This may be the wrong place to ask this question; if so, my apologies, and please direct me elsewhere. I am a newbie to FreeBSD, having graduated from Linux U. ;-)

My question has to do with the execve() system call: Is it possible for the kernel to detect if the exec came from the text area of a process?

If it is possible for the kernel to tell where the exec came from, then the kernel could disallow the exec from the stack, or the heap or somewhere other than text. This would eliminate buffer overflow threats that try to exec a shell.

In my opinion, no legitimate code should ever need to run in the data or the stack of a process. (This is probably a hardware problem, however.)
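The origin test the message asks about, modelled in user space as an added example (not part of the original post and not FreeBSD kernel code): given a process memory map and the address an exec request was issued from, accept it only when that address lies in a non-writable, executable text mapping. The map format, the sample addresses and the names check_exec_origin and SAMPLE_MAP are assumptions constructed for this illustration, and the sketch models only the address test itself.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed memory map of one process, one mapping per line:
   "start end prot kind". Format and values are assumptions for this example. */
static const char *const SAMPLE_MAP[] = {
    "0x00400000 0x00452000 r-x text",
    "0x00651000 0x00660000 rw- data",
    "0x00660000 0x00a00000 rw- heap",
    "0x7ffe0000 0x80000000 rwx stack",
};
#define SAMPLE_MAP_LEN (sizeof SAMPLE_MAP / sizeof SAMPLE_MAP[0])

enum verdict { EXEC_ALLOW = 0, EXEC_DENY_REGION = 1, EXEC_DENY_UNMAPPED = 2 };

/* Decide whether an exec request issued from address pc is acceptable:
   pc must lie in a "text" mapping that is executable and not writable. */
enum verdict check_exec_origin(const char *const *map, size_t n, uint64_t pc)
{
    for (size_t i = 0; i < n; i++) {
        unsigned long long start, end;
        char prot[4] = {0}, kind[16] = {0};
        if (sscanf(map[i], "%llx %llx %3s %15s", &start, &end, prot, kind) != 4)
            continue;                /* skip malformed lines */
        if (pc < start || pc >= end)
            continue;                /* mappings are half-open: [start, end) */
        if (strcmp(kind, "text") == 0 && prot[2] == 'x' && prot[1] != 'w')
            return EXEC_ALLOW;
        return EXEC_DENY_REGION;     /* stack, heap, data or writable text */
    }
    return EXEC_DENY_UNMAPPED;       /* address is in no known mapping */
}

int main(void)
{
    /* Constructed probe addresses: text, heap, stack, unmapped. */
    uint64_t probes[] = { 0x00401a30, 0x00700010, 0x7ffff3c0, 0x10 };
    for (size_t i = 0; i < sizeof probes / sizeof probes[0]; i++)
        printf("pc=%#llx verdict=%d\n", (unsigned long long)probes[i],
               check_exec_origin(SAMPLE_MAP, SAMPLE_MAP_LEN, probes[i]));
    return 0;
}
```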