version 1.35, 2016/07/27 13:51:01 |
version 1.36, 2016/07/30 23:37:40 |
|
|
<tt>PT_OPENBSD_WXNEEDED</tt> and it is located on a filesystem |
<tt>PT_OPENBSD_WXNEEDED</tt> and it is located on a filesystem |
mounted with the <tt>wxallowed</tt> |
mounted with the <tt>wxallowed</tt> |
<a href="http://man.openbsd.org/mount.8">mount(8)</a> option. |
<a href="http://man.openbsd.org/mount.8">mount(8)</a> option. |
|
Because there are still too many ports which violate W^X, the |
|
installer mounts the <tt>/usr/local</tt> filesystem with |
|
<tt>wxallowed</tt>. This allows the base system to be more |
|
secure as long as <tt>/usr/local</tt> is a seperate filesystem. |
|
If you use no W^X violating programs, consider manually |
|
revoking that option. |
<li>The <a href="http://man.openbsd.org/setjmp.3">setjmp(3)</a> |
<li>The <a href="http://man.openbsd.org/setjmp.3">setjmp(3)</a> |
family of functions now apply XOR cookies to stack and return-address |
family of functions now apply XOR cookies to stack and return-address |
values in the jmpbuf on amd64, hppa, i386, mips64, and powerpc. |
values in the jmpbuf on amd64, hppa, i386, mips64, and powerpc. |