define Exec Shield please
 

i am having a good time with crossover office and the new winex (cedega). the question i am asking is about exec sheild. i have tried to google it and come up with a semi simple explanation of what it is, but that does not seem to exist. could someone give me a general idea of what exec shield is and what the purpose of it is. also, what are the pros and cons of disabling/enabling it. thank you for your help.

firenze

I"m not an expert but I understand the concept and purpose.

It is a security enhancement meant to reduce the risk of buffer-overflow attacks.
When an application loads into memory it contains the code to be run, storage for data, and the stack.
Exec-shield prevents the data and stack areas from being executed.

Buffer-overflow attacks are a sneaky method used by worms and hackers to cause a program to execute code that is passed in as data. (For example, an application might expect the user to give an 8-character response. If the user puts in more than 8 characters and the program doesn't check, then the excess characters have overwritten the stack. This is a buffer overflow.)

On top of that, exec-sheild randomizes the positions of dynamically loaded libraries. This interferes with some legitimate programs which do tricky stuff, like Wine/Crossover.

So is it dangerous to turn it off? It increases the risk, but then again exec-shield wasn't in use until very recently and we all survived. It's probably most useful for multi-user environents and servers, where strangers have access to the machine. For a single-user desktop, if you're generally careful about what you download off the net, it's fairly safe to turn it off. Again, my opinion, not an expert.

Personally, I turn it off when I run WineX, and turn it back on afterwards:
sudo /sbin/sysctl -w kernel/exec-shield=0
run winex or whatever
sudo /sbin/sysctl -w kernel/exec-shield=1

HTH.

thank you very much
 

that was what i needed to know. thank you very much.

firenze