loader: Mark the stack as executable if possible.
L. Rahyen
research at science.su
Wed Nov 15 13:39:19 CST 2006
> Well, the next step can be to pop up a message box of some kind, and
> let the user decide whether to proceed or not. It still gives more
> control than blindly making all pages executable from the start...
This is only acceptable if it pop ups only once for each application by
default and there is option to turn if off if user don't like it. For
example, I run Program.exe and then I see following pop up:
"NoExec fault detected. You can ignore this but then running program will be
valnurable to buffer overflow attacks (or it already has been successfully
attacked)."
"Close" "Ignore (may be unsafe)"
"[x] Don't ask again for this application"
"[ ] Ignore NoExec faults for all applications (unsafe!)"
Ideally "Don't ask again for this application" and "Ignore" should be default
if application crashes on start up and definitely NOT default if it crashes
after (for example) 1 minute of normal work (because it likely has been
attacked). Of course above example is just example and real-world dialog
should be different (more understandable for newbie text, maybe
other/different options, etc.).
If flexible security option (something like the above) will be implemented
into Wine instead of blind workaround that would be nice!
More information about the wine-devel
mailing list