[Python-ideas] Executable space protection: NX bit,

Stephan Houben stephanh42 at gmail.com
Mon Sep 3 08:40:06 EDT 2018


I am pretty sure that on systems which support it, Python's stack and data
are already NX.

NX is basically the default on modern systems.

Stephan

Op ma 3 sep. 2018 09:00 schreef Wes Turner <wes.turner at gmail.com>:

> Rationale
> =========
> - Separation of executable code and non-executable data is a good thing.
> - Additional security in Python is a good idea.
> - Python should support things like the NX bit to separate code and
> non-executable data.
>
> Discussion
> ==========
> How could Python implement support for the NX bit? (And/or additional
> modern security measures; as appropriate).
>
> What sort of an API would C extensions need?
>
> Would this be easier in PyPy or in CPython?
>
> - https://en.wikipedia.org/wiki/NX_bit
> - https://en.wikipedia.org/wiki/Executable_space_protection
>
> Here's one way to identify whether an executable supports NX:
> https://github.com/longld/peda/blob/e0eb0af4bcf3ee/peda.py#L2543
> _______________________________________________
> Python-ideas mailing list
> Python-ideas at python.org
> https://mail.python.org/mailman/listinfo/python-ideas
> Code of Conduct: http://python.org/psf/codeofconduct/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-ideas/attachments/20180903/45cce945/attachment.html>


More information about the Python-ideas mailing list