FPT_AEX_EXT.1.2 The application shall not allocate any memory region with
both write and execute permissions
Assurance activity is:
For Linux: The evaluator shall perform static analysis on the
application to verify that both mmap is never be invoked with both the
PROT_WRITE and PROT_EXEC permissions, and mprotect is never
invoked with the PROT_EXEC permission.
Concerns about behavior of mprotect item when called by dlopen(3).
E.g. daemons using pam, firefox dlopens
libraries, other things with libdl.
FPT_AEX_EXT.1.2 The application shall not allocate any memory region with both write and execute permissions
Assurance activity is:
For Linux: The evaluator shall perform static analysis on the application to verify that both mmap is never be invoked with both the PROT_WRITE and PROT_EXEC permissions, and mprotect is never invoked with the PROT_EXEC permission.
Concerns about behavior of mprotect item when called by dlopen(3). E.g. daemons using pam, firefox dlopens libraries, other things with libdl.
Need to investigate further.