Changes between Initial Version and Version 1 of Ticket #14069


Ignore:
Timestamp:
Jul 31, 2017 10:08:25 PM (17 months ago)
Author:
bgamari
Comment:

This was previously mentioned on #13624.

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #14069 – Description

    initial v1  
    11GHC's RTS linker maps executable code in writable pages, representing a significant potential exploit point for arbitrary code execution. OpenBSD disallows running program that do this by default.
    22
    3 Fix this.
     3
     4Instead we should first map pages as `PROT_READ | PROT_WRITE`, perform any necessary relocations (which requires writing), and then `mprotect` it to `PROT_READ | PROT_EXEC`.
     5
     6To find the relevant code grep for `PROT_EXEC` in the `rts/` directory.