Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

W^X in Linux?

0 views
Skip to first unread message

Non scrivetemi

unread,
Nov 9, 2009, 8:49:47 AM11/9/09
to
NOTE: originally posted to 'linux.kernel' NG

http://en.wikipedia.org/wiki/W%5EX

I was wondering if W^X is part of the Linux roadmap for the (near)
future? From what I remember from college and MMU's the security issues
we're having today shouldn't really exist, but they do.

Fritz Wuehler

unread,
Nov 9, 2009, 10:44:36 AM11/9/09
to

Rainer Weikusat

unread,
Nov 9, 2009, 10:51:37 AM11/9/09
to
"Non scrivetemi" <nonscr...@pboxmix.winstonsmith.info> writes:
> NOTE: originally posted to 'linux.kernel' NG
>
> http://en.wikipedia.org/wiki/W%5EX
>
> I was wondering if W^X is part of the Linux roadmap for the (near)
> future?

As the Wikipedia page would have told you:

Similar features are available for other operating systems,
including the PaX and Exec Shield patches for Linux,

> From what I remember from college and MMU's the security issues
> we're having today shouldn't really exist, but they do.

These 'security issues' are side effects of buggy code and buggy code
should rather be fixed than potentially useful features disabled. If
Theo de Raadt and his 'gang' are convinced that the BSD-codebase is
beyond hope in this respect, as such measures strongly suggest, they
probably know why.

Johannes Bauer

unread,
Nov 13, 2009, 12:46:04 PM11/13/09
to
Rainer Weikusat schrieb:

> These 'security issues' are side effects of buggy code and buggy code
> should rather be fixed than potentially useful features disabled. If
> Theo de Raadt and his 'gang' are convinced that the BSD-codebase is
> beyond hope in this respect, as such measures strongly suggest, they
> probably know why.

That's like saying: "These 'accidents' are side effects of bad drivers.
They should rather have their license revoked rather than everyone
having to wear a potentially restraining seatbelt."

Sure, having all bug-free software would be nice, but the world looks
different. Producing buffer overflows can happen to even the most
vigilant programmer. Having a seatbelt for the occurence where it does
indeed accidently happen is a good thing - although I agree that nobody
should rely on it (much the same way people don't drive reckless just
because they know they're buckled up).

Regards,
Johannes

--
"Aus starken Potentialen k�nnen starke Erdbeben resultieren; es k�nnen
aber auch kleine entstehen - und "du" wirst es nicht f�r m�glich halten
(!), doch sieh': Es k�nnen dabei auch gar keine Erdbeben resultieren."
-- "R�diger Thomas" alias Thomas Schulz in dsa �ber seine "Vorhersagen"
<1a30da36-68a2-4977...@q14g2000vbi.googlegroups.com>

Rex Ballard

unread,
Nov 19, 2009, 5:03:57 PM11/19/09
to
On Nov 9, 8:49 am, "Non scrivetemi"

> http://en.wikipedia.org/wiki/W%5EX

Linux has a similar feature, and does it more efficiently. Remember,
the main reason Linus wrote Linux was because he wanted to play with
the MMU. Linux also has very fast context switches which makes it
much easier to use the MMU for W^X protection and beyond.

Windows context switches take about 10-20 times longer for process to
process context switches. As a result, Windows programmers typically
put as much as they can into a single process, using overlays and
mapping, which means they have to be able to BOTH write and execute.

Some interpreters, such as the Java JVM use execute-only code, but the
j-code isn't actually executed it's read to tell the JVM what to
execute, much like a Forth interpreter does.

For almost 30 years, *nix administrators have tried to limit or
restrict the ability to load and then execute strange code without at
least passing some security checkpoints.

One of the reasons for Open Source was that in MS-DOS world, binary-
only shareware was spreading viruses to millions of computers through
such things as the boot tracks on floppy disks. The *nix community
initially wanted to be able to run popular applications and many
different types of hardware. As a side effect, they found that it was
much easier to identify malicious code using delta comparisons (diff)
between older and newer versions of the code.

Linux and Unix use the fork and exec commands to invoke new commands.
The fork command creates a memory mapped clone of the parent image,
then the exec command reads the executable code from the disk into
memory, and starts the code. The kernel installs the code and then
locks the memory so that it can't be written.

This is one of the reasons why so many applications set permisions to
rwxr-xr-x or even r-xr-xr-x. So that end users can't make malicious
modifications, either as a practical joke, or as a will-full act of
sabotage.

Keep in mind that PCs normally aren't shared, and are almost never
used by several users at the same time. *nix systems on the other
hand, were shared back when Bill Gates was still using toggle switches
to set up the paper tape reader to pull in BASIC.

Teachers stored grades on UNIX systems and quickly found that someone
had to prevent the frat-boy geek from giving the frat-drunk and party-
boy straight As.

0 new messages