unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (NetBSD-6.1.5)
Page:
Section:
Apropos / Subsearch:
optional field

PAXCTL(8)                   System Manager's Manual                  PAXCTL(8)

NAME
     paxctl -- list and modify PaX flags associated with an ELF program

SYNOPSIS
     paxctl flags program ...

DESCRIPTION
     The paxctl utility is used to list and manipulate PaX flags associated
     with an ELF program.  The PaX flags signify to the loader the privilege
     protections to be applied to mapped memory pages, and fuller explanations
     of the specific protections can be found in the security(7) manpage.

     Each flag can be prefixed either with a ``+'' or a ``-'' sign to add or
     remove the flag, respectively.

     The following flags are available:

     a     Explicitly disable PaX ASLR (Address Space Layout Randomization)
           for program.

     A     Explicitly enable PaX ASLR for program.

     g     Explicitly disable PaX Segvguard for program.

     G     Explicitly enable PaX Segvguard for program.

     m     Explicitly disable PaX MPROTECT (mprotect(2) restrictions) for
           program.

     M     Explicitly enable PaX MPROTECT (mprotect(2) restrictions) for
           program.

     To view existing flags on a file, execute paxctl without any flags.

SEE ALSO
     mprotect(2), sysctl(3), options(4), elf(5), security(7), sysctl(8),
     fileassoc(9)

HISTORY
     The paxctl utility first appeared in NetBSD 4.0.

     The paxctl utility is modeled after a tool of the same name available for
     Linux from the PaX project.

AUTHORS
     Elad Efrat <eladATNetBSD.org>
     Christos Zoulas <christosATNetBSD.org>

BUGS
     The paxctl utility currently uses elf(5) ``note'' sections to mark
     executables as PaX Segvguard enabled.  This will be done using
     fileassoc(9) in the future so that we can control who does the marking
     and not altering the binary file signature.

NetBSD 6.1.5                  September 17, 2009                  NetBSD 6.1.5