0

i want to enable kernel.exec-shield parameter in an embedded platform at run-time or compile time. i have 32-bit arm architecture in my embedded platform. i list all the kernel parameters with following command.

sysctl -a

and i get many unrelated parameters but kernel.exec-shield is not listed.

i also cant find any related parameter in kconfig environment with menuconfig.

i want to counter buffer overflow vulnerabilities like described below.

http://people.redhat.com/mingo/exec-shield/

How can i do that in arm architecture?

regards...

artless noise
  • 21,212
  • 6
  • 68
  • 105
mehmet riza oz
  • 541
  • 6
  • 18
  • What distribution are you running? exec-shield is : 1. old and superseded by PAX and 2. Redhat-specific. On Debian derivatives you can use NX. – schaiba Dec 13 '17 at 08:56
  • i want to add exec-shield in my arm based embedded linux platform. Response of "uname -r" is 3.14.28-1.6 in my system. There are some functions in bootloader that modifies xn (execute never) bit. But i think exec-shield is not just "buffer overflow protection". According to wiki it contains some other features such as address space randomization, pie etc – mehmet riza oz Dec 14 '17 at 13:59

0 Answers0