executable_stack(5)                                        executable_stack(5)

NAME
executable_stack - controls whether program stacks are executable by
default

VALUES
Failsafe
Default
Allowed values
Recommended values

DESCRIPTION
This tunable parameter controls whether program stacks are executable
by default. It allows systems to be configured to have extra protection
from stack buffer overflow attacks without sacrificing system
performance. This class of attack very commonly attempts to trick
privileged programs into performing unauthorized actions or giving
unauthorized access. Background information on this type of attack is
available on the web by searching for 'Smashing the Stack for Fun and
Profit.'

The majority of programs that run on HP-UX do not need to execute code
located on their stacks. A few programs, notably some simulators,
interpreters and older versions of Java, may have a legitimate reason
to execute code from their stacks. These programs typically have
self-modifying code. Using a combination of this tunable and the
option of the command permits such executables to function without
sacrificing protection for the rest of the system.

Refer to the 'Restricting Execute Permission on Stacks' section of the
chatr(1) manpage for more information before changing this tunable.

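The paragraphs above describe the behaviour this tunable governs: a process placing instructions in its own stack and jumping to them. The following program is an added example, not part of the executable_stack(5) man page or any HP code. It is a portable probe that does exactly that with a single "return to caller" instruction and reports whether the kernel let it run; it assumes a POSIX system with sigaction(2) and sigsetjmp(3) and covers only x86-64/i386 and AArch64 (the instruction encodings and the SIGSEGV/SIGBUS/SIGILL handling are the example's own assumptions, not something this page states about HP-UX). Because the page says the strict setting terminates the process before the code executes, the probe installs a fault handler so the test program can report the outcome rather than die. Note that it cannot tell the 'trial mode' setting from the permissive one, since in both cases the stack-resident instruction runs; for that, the kernel message buffer (dmesg(1M)) is the place to look.

```c
/* Added example: probe whether this process may execute instructions placed
 * on its own stack.  Not HP-UX-specific and not part of executable_stack(5).
 * Assumes POSIX sigaction(2)/sigsetjmp(3); covers x86-64/i386 and AArch64. */
#define _POSIX_C_SOURCE 200809L
#include <setjmp.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

static sigjmp_buf recover;

/* Any fault raised while executing from the stack lands here. */
static void on_fault(int sig)
{
    (void)sig;
    siglongjmp(recover, 1);
}

/* Returns 1 if execution from the stack was blocked by the kernel (without
 * the handler the process would have been killed), 0 if the stack-resident
 * instruction ran, -1 if this example does not cover the architecture. */
int probe_stack_exec(void)
{
    /* Machine code for a bare "return to caller" instruction, kept in a
     * 4-byte aligned stack buffer.  If the stack is executable the call
     * simply returns; otherwise the kernel faults before it executes. */
#if defined(__x86_64__) || defined(__i386__)
    uint32_t code[1] = { 0xC3 };                      /* ret        */
#elif defined(__aarch64__)
    uint32_t code[1] = { 0xD65F03C0 };                /* ret (x30)  */
#else
    uint32_t code[1] = { 0 };
    return -1;
#endif
    struct sigaction sa, old_segv, old_bus, old_ill;
    volatile int blocked = 0;
    void (*fn)(void);
    void *p = code;

    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);
    sigaction(SIGILL, &sa, &old_ill);

    if (sigsetjmp(recover, 1) == 0) {
#if defined(__aarch64__)
        /* Make the freshly written instruction visible to the I-cache. */
        __builtin___clear_cache((char *)code, (char *)code + sizeof code);
#endif
        memcpy(&fn, &p, sizeof fn);  /* data pointer -> function pointer */
        fn();                        /* attempt to execute from the stack */
    } else {
        blocked = 1;                 /* reached only via the fault handler */
    }

    /* Restore the caller's signal dispositions. */
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    sigaction(SIGILL, &old_ill, NULL);
    return blocked;
}

int main(void)
{
    int r = probe_stack_exec();
    if (r < 0)
        puts("executable-stack probe: architecture not covered");
    else
        printf("executable-stack probe: stack-resident code %s\n",
               r ? "was blocked by the kernel" : "ran (stack is executable)");
    return 0;
}
```

Run it once with the system's default setting and once after changing the tunable or marking the binary as described in chatr(1); a result of "was blocked" is what the recommended setting is meant to produce for programs that were never meant to execute stack contents.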
Who is Expected to Change This Tunable?
Anyone.

Restrictions on Changing
Changes to this tunable take effect for new processes started after the
change.

When Should the Value of This Tunable Be Changed?
This tunable controls operational modes rather than data structure
sizes and limits. The appropriate setting for a system depends on
whether you consider security or compatibility to be most important.

A value of is compatible with previous releases of HP-UX, but it is the
least secure. This setting permits the execution of potentially
malicious code located on a program's stack.

A value of provides warnings about any program attempting to execute
code on its stacks, but does not alter the program's behavior.
Suspicious activity is logged in the kernel's message buffers. (See
dmesg(1M).) This is a 'trial mode' setting intended to allow you to
safely determine whether a tunable value of would affect any legitimate
application.

A tunable value of is the recommended setting on systems where a higher
level of security is important. This is essentially the same as a
setting of but it will also terminate any process that attempts to
execute code on its stacks. The process will be terminated before the
potentially malicious code is executed.

What Are the Side Effects of Changing the Value?
This tunable has no effect on system behavior unless an application
attempts to execute instructions located on its stacks. The majority
of HP-UX applications are not programmed to do this.

What Other Tunable Values Should Be Changed at the Same Time?
None.

WARNINGS
All HP-UX kernel tunable parameters are release specific. This
parameter may be removed or have its meaning changed in future releases
of HP-UX.

Installation of optional kernel software, from HP or other vendors, may
cause changes to tunable parameter values. After installation, some
tunable parameters may no longer be at the default or recommended
values. For information about the effects of installation on tunable
values, consult the documentation for the kernel software being
installed. For information about optional kernel software that was
factory installed on your system, see at

AUTHOR
was developed by HP.
Tunable Kernel Parameters executable_stack(5)