Exec Shield for Linux 2.6.x.y?
Dave Jones
davej at redhat.com
Thu May 31 20:47:17 UTC 2007
On Wed, May 30, 2007 at 04:11:49PM -0400, Josh Bressers wrote:
> > Dear Fedora developers or Experts!
> >
> > Can you tell me if these is an Exec Shield kernel patch for most recent 2.6
> > series vanilla kernels being able to do full ALSR functionality, including
> > the relocation of PIE binaries?
> >
> > When I look at Ingo Molnar's Exec Shield patch web page
> > (http://people.redhat.com/mingo/exec-shield/), I got the impression that a
> > fully featured Exec Shield patch set exists only for the 2.4 series of the
> > Linux kernels. Am I correct?
> >
>
> Without knowing all the nitty gritty details, I believe this is because a
> subset of the initial 2.4 patch is included in upstream 2.6.
>
> I would suggesting asking one of the Fedora kernel guys, or Ingo if you
> want to know for sure. This list is primarily for dealing with security
> vulnerabilities in Fedora. I doubt anyone on this list knows enough about
> the working of Exec Shield to feel comfortable answering your question.
You can find a version that always applies to latest upstream
(give or take a few days lag time after a point release)
in the Fedora CVS.
There's pointers on http://people.redhat.com/davej/
Dave
--
http://www.codemonkey.org.uk
More information about the security
mailing list