Subject: Re: Non executable mappings and compatibility options bugs
To: Chuck Silvers <chuq@chuq.com>
From: Erik E. Fair <fair@netbsd.org>
List: tech-kern
Date: 06/21/2004 08:28:56
At 9:55 -0400 6/21/04, Thor Lancelot Simon wrote:
>On Sun, Jun 20, 2004 at 10:55:23AM -0700, Chuck Silvers wrote:
>>
>> it would be safest to default to making everything executable for other
>> emulations until it can be verified that those binaries work ok with
>> non-executable mappings. this seems fine to me.
>
>I strongly disagree; this would be a regression, with no warning to the
>user, in system security. Adding a COMPAT_ option shouldn't punch a giant
>hole in a fundamental security mechanism.
>
>If nothing else, both config and the kernel at boot time should print
>warnings about this.
I agree completely with what Thor wrote, with feeling. Emphasis. Exclamation.
Erik <fair@netbsd.org>