File: group.yml

package info (click to toggle)
scap-security-guide 0.1.78-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 114,600 kB
  • sloc: xml: 245,305; sh: 84,381; python: 33,093; makefile: 27
file content (19 lines) | stat: -rw-r--r-- 921 bytes parent folder | download | duplicates (2)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
documentation_complete: true

title: |-
    Enable Execute Disable (XD) or No Execute (NX) Support on
    x86 Systems

description: |-
    Recent processors in the x86 family support the
    ability to prevent code execution on a per memory page basis.
    Generically and on AMD processors, this ability is called No
    Execute (NX), while on Intel processors it is called Execute
    Disable (XD). This ability can help prevent exploitation of buffer
    overflow vulnerabilities and should be activated whenever possible.
    Extra steps must be taken to ensure that this protection is
    enabled, particularly on 32-bit x86 systems. Other processors, such
    as Itanium and POWER, have included such support since inception
    and the standard kernel for those platforms supports the
    feature. This is enabled by default on the latest Oracle Linux, Red Hat and
    Fedora systems if supported by the hardware.