|
| |
| | Exec Shield - Wikipedia, the free encyclopedia |
 | | Exec Shield attempts to flag data memory as non-executable and program memory as non-writeable. | | | The patch additionally increases the difficulty of inserting and executing "shell code" rendering most exploits useless. | | | Implementation of PT_GNU_STACK and PT_GNU_HEAP binary markings and the deprecation of PT_GNU_HEAP are not yet covered here, nor is information on Exec Shield's minimal ASLR. |
|
http://en.wikipedia.org/wiki/Exec_Shield
(340 words)
|
|
| |
| | NX bit: Information From Answers.com |
| | Exec Shield allows these controls to be set for both binary executables and for libraries; if an executable loads a library requiring a given restriction relaxed, the executable will inherit that marking and have that restriction relaxed. | | | Exec Shield only checks for two ELF header markings, which dictate whether the stack or heap needs to be executable. | | | SEGMEXEC does not rely on such volatile systems as that used in Exec Shield, and thus does not encounter conditions in which finegrained NX bit emulation cannot be enforced; it does, however, have the halving of virtual address space mentioned above. |
|
http://www.answers.com/topic/nx-bit
(2953 words)
|
|
| |
| | EXEC 8 definition of EXEC 8 in computing dictionary - by the Free Online Dictionary, Thesaurus and Encyclopedia. |
| | EXEC 8 - Unisys's operating system from about 1980 to 2000, by which time it was a dying breed with Unisys moving to Windows NT and Unix. | | | EXEC 8 definition of EXEC 8 in computing dictionary - by the Free Online Dictionary, Thesaurus and Encyclopedia. | | | This information should not be considered complete, up to date, and is not intended to be used in place of a visit, consultation, or advice of a legal, medical, or any other professional. |
|
http://computing-dictionary.thefreedictionary.com/EXEC+8
(97 words)
|
|
| |
| | LWN: "Exec Shield" for Linux |
| | Lets take the big sendmail hole as an example, in which case a carefully constructed email header overflows a string buffer and a jump address located after the buffer. | | | So by overflowing the return address (or a function pointer, or anything else) with an _ASCII_ email header you simply cannot generate the proper return address that jumps on the system() function, because the address of the system() function contains the \0 [zero] byte. | | | With the exec shield activated, as you can see in the original article, the system() function (part of libc) is placed into the "ASCII armor" area. |
|
http://lwn.net/Articles/31033
(1314 words)
|
|
| |
| | Linux: Exec Shield Overflow Protection |
| | In the first case, that would be bad for any binary with a | | | Comment "How posts should be done" by somercet | | | This is followed with a longer section devoted to describing how the solution has been implemented, followed by an examination of its limitations. |
|
http://kerneltrap.org/node.php?id=644
(2575 words)
|
|
| |
| | PaX (http://pageexec.virtualave.net) |
| | nExec Shield cannot even guarantee that when a task is fully loaded in memory, that there do not exist memory regions that are both writable and executable, even if an application did not request such mappings.
| | | nFor the most part, Exec Shield and W^X are similar (in that they both provide a subset of the features of PaX), so I will not give a point-by-point analysis. | | | nExec Shield recently discovered a bug (an off-by-one page), due to someone running paxtest on an Exec Shield machine, that resulted in a page of memory being writable and executable that was assumed otherwise. |
|
http://www.grsecurity.net/PaX-presentation_files/slide0033.htm
(154 words)
|
|
| |
| | Cedega issues - Ubuntu Forums |
| | Someone already mentioned this but by adding exec to your fstab you will fix the error=21 problem, this includes fat32 partitions. | | | As a side note, you should be able to play them off your windows drive, but I think you need the 'exec' option in your /etc/fstab entry for that partition/drive. | | | Anyway, I DO have the exec in every partition that could possibly matter. |
|
http://www.ubuntuforums.org/showthread.php?t=21970
(1046 words)
|
|
| |
| | [No title] |
| | load_addr_set) elf_flags = MAP_FIXED; - } else if (elf_ex.e_type == ET_DYN) { - /* Try and get dynamic programs out of the way of the default mmap - base, as well as whatever program they might try to exec. | | | This - is because the brk will follow the loader, and is not movable. |
|
http://www.hup.hu/old/stuff/kernel/exec-shield/exec-shield-2.6.0-test7
(1132 words)
|
|
| |
| | CedegaWiki - error=21 |
| | error=21 can also mean that you require the parameter exec to be added to the partition on reiserFS and possibly other FS'es in kernel 2.6.x |
|
http://terrasque.mine.nu/phpwiki?pagename=error=21
(600 words)
|
|
| |
| | [No title] |
| | However note, only a + * small number exec malloc's are done so the wasted memory + * is not likely to be an issue. | | | Thus even a small + * allocation will use an entire page. |
|
http://dev.gentoo.org/~spyderous/xfree/patchsets/4.3.99.901/patch-4.3.99.901-0.1/9961_all_4.3.0-libGL-exec-shield-fixes-v2.patch
(1355 words)
|
|
| |
| | Exec-Shield vs. PaX |
| | Ingo says so because he did not understand how PaX works. | | | apparently none of you understood what the tests and Exec- Shield did, otherwise you would have known that Exec-Shield cannot possibly pass these tests due to its design (or at least not without going down the OpenBSD road). |
|
http://lists.debian.org/debian-devel/2003/11/msg00206.html
(1281 words)
|
|
| |
| | Wine HQ - WWN Issue #210 |
| | What's interesting about this one is it seems to have appeared in dead tree format on newstands. | | | It relies on changing the memory layout of an executable... | | | One problem on the radar screen deals with supporting two new Linux-isms: exec shield and prelinking. |
|
http://www.winehq.com/?issue=210
(1647 words)
|
|
| |
| | DVD Talk Forum - "The Shield" Exec Producer signs 2 year deal |
| | Valued at roughly $6 million, Ryan is set to make $200,000 per episode for each of "The Shield's" 26 episodes likely produced over the course of the next two seasons. | | | In a deal that will likely keep "The Shield" on FX through 2005, 20th Century Fox has signed a seven-figure, two-year development deal with the series' creator and executive producer Shawn Ryan. | | | While a fourth season (which would begin airing in January 2005) has not been officially picked up, it appears to be a foregone conclusion based on the deal and the show's overall success. |
|
http://www.dvdtalk.com/forum/printthread.php?t=298781
(253 words)
|
|
| |
| | Red Hat Releases New Linux Update |
| | Red Hat Execs Talk on Profiting from 'Free Software' | | | Red Hat Exec: Linux Desktops Must Stand Out to Thrive |
|
http://www.eweek.com/article2/0,1759,1643811,00.asp
(984 words)
|
|
| |
| | [No title] |
| | of your weapons, armour or shield, but any complex enchantment is | | | exec ("say You should take care worshipping people like that...",self);pause; | | | Notice: the examination will give you the basic idea of the quality |
|
http://www.valhalla.com/newdoc/fightersguild.html
(2157 words)
|
|
| |
| | nuke.olivier.blogdns.org |
| | I intend to put some tips on qmail, linux, and the e-mail on the internet in general. | | | Fujitsu execs take pay cut after Tokyo exchange crash |
|
http://nuke.olivier.blogdns.org
(503 words)
|
|
| |
| | Exec Shield Overflow Protection - OSNews.com |
| | He describes the patch, which is against the 2.4.20-rc1 kernel, as, "The exec-shield feature provides protection against stack, buffer or function pointer overflows, and against other types of exploits that rely on overwriting data structures and/or putting code into those structures. | | | Ingo Molnar has announced a new kernel-based security feature for Linux/x86 called "Exec Shield". | | | Linked by Eugenia Loli-Queru on 2003-05-03 15:48:30 UTC, submitted by Jeremy Andrews |
|
http://www.osnews.com/story.php?news_id=3465
(158 words)
|
|
| |
| | SecurityFocus |
| | You can start reading about Exec Shield at | | | and you can disable exec shield in /proc/sys/kernel/exec-shield, setting |
|
http://www.securityfocus.com/archive/82/380831
(223 words)
|
|
|
