as ingo restarted to publish plain exec-shield patches, i decided to apply his patch again. exec-shield-nx-2.6.11-A8 works nicely with kernel 2.6.11.6. there’s just a minor reject for the makefile:
– EXTRAVERSION =
+ EXTRAVERSION = -exec-shield
either patch the patch or change EXTRAVERSION from “.6” to “.6-exec-shield” manually.
nice document about exec-shield (among others): New Security Enhancements in Red Hat Enterprise Linux v.3, update 3 (PDF). another nice document: Security Enhancements in Red Hat Enterprise Linux (beside SELinux) (PDF). it also features a cool shell script – which is protected by copyright laws (and strict pdf drm settings) unfortunately.
NOTE TO SELF: check for compatibility with vms (jvm, mono). might break a couple of things.