File: README

package info (click to toggle)
paxctl 0.9-1
  • links: PTS
  • area: main
  • in suites: buster, jessie, jessie-kfreebsd, sid, stretch
  • size: 108 kB
  • ctags: 84
  • sloc: ansic: 551; makefile: 37
file content (27 lines) | stat: -rw-r--r-- 1,077 bytes parent folder | download | duplicates (5)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
1. What it is

  This is paxctl for controlling PaX flags on a per binary basis. PaX
  is an intrusion prevention system that provides the best protection
  mechanisms against memory corruption bugs. Some applications are not
  compatible with certain features (due to design or bad engineering)
  and therefore they have to be exempted from certain enforcements. It
  is also possible to use PaX in soft mode where none of the protection
  mechanisms are active by default - here paxctl can be used to turn
  them on for selected programs (e.g., network daemons, programs that
  process network data such as mail clients, web browsers, etc).

  PaX and paxctl work on ELF executables, both of the standard ET_EXEC
  and the newer ET_DYN kind (older PaX releases referred to the latter
  as ET_DYN executables, these days they are called Position Independent
  Executables or PIEs for short).


2. Installation

  Simply issue 'make' then 'make install'. If the defaults do not suit
  your needs, change them in the Makefile.


3. References

  PaX - http://pax.grsecurity.net