1
2
3
4
5
|
documentation_complete: true
title: 'Enable ExecShield'
description: "ExecShield describes kernel features that provide\nprotection against exploitation of memory corruption errors such as buffer\noverflows. These features include random placement of the stack and other\nmemory regions, prevention of execution in memory that should only hold data,\nand special handling of text buffers. These protections are enabled by default\non 32-bit systems and controlled through <tt>sysctl</tt> variables \n<tt>kernel.exec-shield</tt> and <tt>kernel.randomize_va_space</tt>. On the latest\n64-bit systems, <tt>kernel.exec-shield</tt> cannot be enabled or disabled with \n<tt>sysctl</tt>."
|
