[rsbac] Non-executable stack etc. with PaX
Josh Beagley
j.beagley at student.qut.edu.au
Fri Feb 14 19:22:05 MET 2003
> Hi!
>
> After some questions about non-executable stack etc. I have
> downloaded and tested the Pageexec patch from
> http://pageexec.virtualave.net/, which is also part of
> grsecurity. It patches cleanly besides RSBAC and seems to work
> fine.
>
> Do you think PaX or something similar should be included in RSBAC
> , or is a separate patch more useful?
>
> Amon.
> --
> http://www.rsbac.org - GnuPG: 2048g/5DEAAA30 2002-10-22
> _______________________________________________
> rsbac mailing list
> rsbac at rsbac.org
> http://www.rsbac.org/mailman/listinfo/rsbac
The only things of use to me in grsecurity over rsbac were restrictions on
/proc, which one part of, process hiding now exists in rsbac, the other was
the non executable stack. I was not aware that it patched cleanly with
rsbac, should probably give it a try.
Back on topic, I tink it would be a great idea to include it in
rsbac...maybe as some sort of control, specifing which programs make use of
it? Is that even possible?
More information about the rsbac
mailing list