HP-UX 11i June 2001 Release Notes

Security
Execute Protected Stacks (new at 11i original release)
System security can be improved by enabling a new feature that execute
protects program stacks: stack pages are mapped without execute
permission, so the processor refuses to fetch instructions from them.
A common method of breaking into systems is by maliciously overflowing
buffers on a program's stack. Writing past the end of a fixed-size stack
buffer overwrites the function's saved return address; the attacker
points it at machine code supplied in the same input, so that when the
function returns, the program executes the attacker's code from its own
stack. Malicious unprivileged users often use this method to trick a
privileged (setuid) program into starting a superuser shell for them, or
performing similar unauthorized actions. Detailed information on this
type of attack may be found in "Smashing the Stack for Fun and Profit"
(Aleph One, Phrack 49, 1996), which a web search for the title will
locate.
HP-UX 11i provides new mechanisms to defend against this type of
attack without sacrificing performance: because PA-RISC supports
execute protection per page, the kernel can refuse to run code from
stack pages at no run-time cost.
By setting the kernel tunable parameter executable_stack to zero,
HP-UX systems can be configured to execute protect program stacks,
providing significant protection from many common buffer overflow
attacks. The default value, 1, leaves stacks executable as in earlier
releases; with the value 0 the kernel refuses to execute code from the
stack and the offending process is terminated, and the value 2 is a
transitional mode that permits the execution but logs the attempt,
which is useful for finding affected programs before enforcing. In the
vast majority of cases, enabling this feature will not affect
compatibility of any legitimate applications.
The few programs that legitimately need an executable stack (typically
those that generate code at run time, such as some interpreters and
compilers' nested-function trampolines) can be exempted individually
with chatr +es enable on the executable, without weakening the
system-wide setting. Please refer to the new +es option section of the
chatr (1) manpage for additional information on how to configure this
feature and how to quickly detect and resolve any (very rare)
compatibility issues that may result from enabling it.
To implement this feature, changes were made to kernel execve() and
virtual memory code, and to the chatr, elfdump and ld commands.
Impact
One of the primary goals of this feature is to significantly improve
system security with the minimum possible effect on performance or
compatibility. It consumes essentially no disk space or memory, and has
no functional impact on the vast majority of legitimate applications,
other than making them less vulnerable to malicious attacks. There is no
measurable performance impact from this code.
Note that execute protection stops the classic attack, which depends on
running injected code from the stack; it does not stop an overflow from
corrupting the return address or other data, so an attacker who
redirects control into code that is already present (for example, a
library routine such as system(3)) is not blocked. Fixing the overflows
themselves remains necessary; this feature is a safety net, not a
substitute.