Bugtraq mailing list archives

Re: Announcing RSX - non exec stack/heap module

From: Paul Starzetz <paul () starzetz de>
Date: Thu, 07 Jun 2001 19:49:29 +0200

Thomas Dullien wrote:

It would appearat first glance  that RSX uses the same technique as PAX.
Naturally, the PAX and RSX teams should confer to make a definitive
statement on similarities and differences.


Just for the record, the technique bears no similarity. PAX provides
real, non-executable PAGES on x86 -- RSX remaps the heap segments
outside of the code segment limit.


To be more precise: RSX does _not_ provide non-exec stack, heap and so
on but the 'complement' speak executable code area. The segments which
are remapped are _not_ the heap(s), speak data segments, but the code
(marked as rx-p) areas.
The basic idea while writing RSX was not to provide some heavy artillery
but a small, very low penalty kernel module stopping not 100 but maybe
95% of wide spread local & remote attacks towards Linux machines.

There cannot be a doubt that installing the module to protect few but
endangered applications (like sshd, rshd, rpc) improves the system
security.

sincerely,

Paul Starzetz

Current thread:

Announcing RSX - non exec stack/heap module Paul Starzetz (Jun 06)
- Re: Announcing RSX - non exec stack/heap module Crispin Cowan (Jun 06)
  - Re: Announcing RSX - non exec stack/heap module Thomas Dullien (Jun 07)
    - Re: Announcing RSX - non exec stack/heap module Paul Starzetz (Jun 07)
  - Re: Announcing RSX - non exec stack/heap module Paul Starzetz (Jun 07)
    - Re: Announcing RSX - non exec stack/heap module Crispin Cowan (Jun 07)
    - Re: Announcing RSX - non exec stack/heap module Paul Starzetz (Jun 12)
    - Re: Announcing RSX - non exec stack/heap module Crispin Cowan (Jun 13)
    - Re: Announcing RSX - non exec stack/heap module Paul Starzetz (Jun 13)
- <Possible follow-ups>
- Re: Announcing RSX - non exec stack/heap module zen-parse (Jun 13)