The 03.01.20 at 01:11, Tom Emerson wrote:
Now that makes me wonder... why would the stack need to be executable? It should only be needed for local data and return address for subroutines, and things lke that, no? Or does somebody uses hacks like selfmodifying code?
hence the point of my original comment on program vs. data segmentation -- "self modifying code" has never [in my book at least], been "good", and with the advent of virii, I've downgraded such actions as "very bad indeed"
Exactly.
minor point: "return addresses for subroutines" -- you'd have to be very clever indeed to modify a "return address" so that a different function gets called to "do the dirty work" you intend "as a trojan" and yet still appear to "function normally" so far as the end-user is concerned -- most likely any such attempt would make the program simply abort, which would raise suspicion...
Not really... If I could write arbitrary data to the stack, I would have to replace the return address with mine, and save the old one somewhere, so as to repair the stack to an apparent pristine state before returning. But that's theory, and I don't know much about linux programming. -- Cheers, Carlos Robinson