lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1183153758.2894.1.camel@laptopd505.fenrus.org>
Date:	Fri, 29 Jun 2007 14:49:18 -0700
From:	Arjan van de Ven <arjan@...radead.org>
To:	linux-kernel@...r.kernel.org
Subject: Re: how to determine if the noexec stack is defined by an
	application


> But it's running a Web service which is a combination of C code and 
> Tomcat/Java. I have no clue how to determine which portions specify a 
> noexec stack and which don't.
> 
> In case it turns out some portions do not specify a noexec stack, my 
> next question is how to get the application to create a noexec stack 
> (assume I can make that request to the developers).


like this:

$ eu-readelf -l /bin/true  | grep STACK
  GNU_STACK      0x000000 0x00000000 0x00000000 0x000000 0x000000 RW 0x4


(replace /bin/true with the binary or library you want to check)

if it says "RW" like here, it'll have non-executable stack. If it says
"RWX" or if this line is absent entirely, the stack will be executable.



-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ