The LSM module should disallow mprotect() with PROT_EXEC

dimkr / rlsd

A lightweight, retro Linux-libre distro

http://rlsd.dimakrasner.com

MIT License

72 stars 7 forks source link

The LSM module should disallow mprotect() with PROT_EXEC #54

Closed dimkr closed 10 years ago

dimkr commented 10 years ago

This should make user-mode loaders (i.e attempts to mmap() the contents of an executable to memory, resolve all symbol addresses, handle relocation and jump to main()) unusable.

mstewartgallus commented 10 years ago

So you're disabling JITs as well?

dimkr commented 10 years ago

Yes, until there's is some JIT interpreter in RLSD. At the moment, it's useful only for shellcodes, packers and other dirty stuff.