an exec shield for o2

i’ve just applied ingo molnar’s exec shield patch to a current vanilla kernel rc:

The exec-shield feature provides protection against stack, buffer or
function pointer overflows, and against other types of exploits that rely
on overwriting data structures and/or putting code into those structures.
The patch also makes it harder to pass in and execute the so-called
‘shell-code’ of exploits. The patch works transparently, ie. no
application recompilation is necessary.

works fine. i haven’t noticed any significant performance decrease so far.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.