Stack Overflow Protection on UNIX Linux Platforms
When using Stack Overflow Protection on a UNIX or Linux platform, consider the following:
capamsc141
When using Stack Overflow Protection on a UNIX or Linux platform, consider the following:
- (Solaris 11 AMD) STOP is disabled for Solaris 11 and later because Solaris 11 natively provides stack protection: Solaris 11 changes process stack location and has built-in support for Address Space Layout Randomization (ASLR). By default, this protection is turned on for tagged files, which includes zones.
- (Red Hat Linux, SuSE Linux) When Linux native stack randomization (exec-shield-randomize) is enforced, the STOP feature is not activated.
To deactivate native stack randomization, enter the following command:
echo 0 > /proc/sys/kernel/exec-shield-randomize