PROT_EXEC mmap/mprotect, i386 PAE + NX broken, x86-64 2.6.17-rc2
Jesse Allen
the3dfxdude at gmail.com
Sun Apr 23 17:20:49 CDT 2006
On 4/23/06, Alistair John Strachan <s0348365 at sms.ed.ac.uk> wrote:
>
> My *guess* is that Windows x64 Edition will enforce DEP/NX for 64bit
> applications, but will do the same as XP SP2 for 32bit applications. That is,
> for 32bit applications, you can choose to enforce DEP/NX, and "whitelist"
> applications (selectively disabling DEP/NX), or have _only_ Windows component
> DLLs secured by DEP/NX (the default).
Ah, ok now I remember.
>
> Linux, until 2.6.17-rc, also did this. Andi Kleen suggested on LKML that there
> are userspace tools for Linux which allow NX to be disabled per-binary at
> runtime, but I suspect such utilities would require privileges. It would be
> suboptimal to mandate their use with Wine.
>
Well I think that it would be a better policy to have such tools
control the setting. It already seems to be out of the norm, seeing it
was modified. I don't think it will happen often, unless we can find
an actual common program. Now if it's safe to mark the entry point of
an executable MEM_EXECUTE -- which probably is -- then I'm fine with
that too.
Jesse
More information about the wine-devel
mailing list