[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Taroon-list Digest, Vol 14, Issue 25

From: Stephen Gardner <stephen-rhel uk org>
To: "Discussion of Red Hat Enterprise Linux 3 (Taroon)" <taroon-list redhat com>
Subject: Re: Taroon-list Digest, Vol 14, Issue 25
Date: Tue, 19 Apr 2005 04:57:29 +0100 (BST)

On Mon, 18 Apr 2005, Sam Lalonde wrote:

What does it mean to boot with "noexec=off"?

I assume this means I should change grub.conf to include the following line:

kernel /vmlinuz-2.6.9-5.0.3.ELsmp ro root=/dev/VolGroup00/LogVol00 rhgb quiet noexec=off

What are the other consequences of doing this?

sam

Sam, The basic answer is that noexec=off disables the processor level No eXecute function and the Red Hat non-executable stack buffer overflow protection. The detailed answer is available in Arjan van de Ven's Exec Shield paper at

http://people.redhat.com/mingo/exec-shield/docs/WHP0006US_Execshield.pdf

You should only need to boot with this option once, perform the grub install and then reboot again having unset it.

Regards,
   Stephen

References:

Fedora Rawhide grub package changelog

* Tue Feb 08 2005 Peter Jones <pjones redhat com> 0.95-8

- Mark the simulation stack executable

[ this version of grub is not shipped in RHEL4-U0 or U1 ]

References:
- Re: Taroon-list Digest, Vol 14, Issue 25
  - From: Sam Lalonde

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]