Date: Sun, 31 Aug 2003 20:50:02 +0100 (BST) From: "=?iso-8859-1?q?Pedro=20F.=20Giffuni?=" <giffunip@yahoo.com> To: Peter Jeremy <PeterJeremy@optushome.com.au> Cc: freebsd-hackers@freebsd.org Subject: Re: Non-executable mappings now in NetBSD too Message-ID: <20030831195002.95875.qmail@web13403.mail.yahoo.com> In-Reply-To: <20030831091544.GA86421@cirb503493.alcatel.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
--- Peter Jeremy <PeterJeremy@optushome.com.au> wrote:
...
>
> Based on some recent BUGTRAQ postings, OpenBSD has a trick to support
> full protection on the i386. The text segment and executable part of
> shared libraries are placed at low virtual addresses and CS is
> restricted to only cover the low address space. I don't know whether
> it's worthwhile to implement something along these lines in FreeBSD.
>
I think we'll have to do it sooner or later simply because they do it ;). The
issue is, of course, Linux emulation and backward compatibility.
I think we could do the same but ignore the CS restriction if the user is
trusted and running inside a jail.
cheers,
Pedro.
________________________________________________________________________
Want to chat instantly with your online friends? Get the FREE Yahoo!
Messenger http://uk.messenger.yahoo.com/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030831195002.95875.qmail>