Manualshelf

HP-UX 11i Release Notes (December 2000)

ManualsBrandsHP ManualsSoftwareHP-UX 11i v1.6 Technical Computing (TCOE) LTU
211212213214215216217218219220
Security
Execute Protected Stacks (new)
Chapter 11 213
the kernel tunable parameter executable_stack to 0. HP strongly
encourages you to enable this feature. Refer to the +es section of the
chatr (1) manpage for details of the possible trade-offs between security
and compatibility.
ELF-64 programs linked on previous releases of HP-UX will not benefit
from this security feature until they are re-linked on HP-UX 11i or later,
but will still function normally. 32-bit applications do not need to be
re-linked.
The output of chatr and elfdump have changed slightly. chatr now
supports an +es option.
IMPORTANT Warning to Java Users
Disabling stack execution will cause Java 1.2 programs to fail if using
JDK/JRE 1.2.2 versions older than 1.2.2.06. To determine the Java
version you are using, run java -version. To download the latest
version of the JDK/JRE, see http://www.hp.com/go/java
To allow pre-1.2.2.06 programs to run, the executable from stack
attribute of the program must be set to enable. To do this, invoke chatr
+es enable
file
, where
file
is the executable file. This attribute will
need to be set to enable for all executables contained in the JDK and
JRE. This includes all files contained in the following directories:
/opt/java1.2/bin/PA_RISC/native_threads
/opt/java1.2/bin/PA_RISC2.0/native_threads
/opt/java1.2/jre/bin/PA_RISC/native_threads
/opt/java1.2/jre/bin/PA_RISC2.0/native_threads
Java 1.1 versions will execute with no problem.