NX and You - What to do if you have problems
(Page 4 of 4 )
Newer software will be written with SP2 in mind, but some legacy programs will cause problems and not all users know how to update their drivers. If you are running Service Pack 2 and are seeing system instability, random reboots, and/or data loss, check with Microsoft or the manufacturer to see if there are known problems with anything on your system. Microsoft admits that a blue screen isn't the nicest way of handling a memory problem like an NX violation, but they say it beats having Windows accidentally execute virus code. Better safe than sorry, I guess, but it's still a nuisance.
Other operating systems also have support for NX in x86 and non-x86 processors. The patch that allows Linux to use the NX bit was released in June, and was integrated into the 2.6.8 kernel. Linux 2.6.8 was released in August and had NX support enabled by default in 32-bit kernels. Again, this does nothing for 32-bit processors running 32-bit x86 kernels, but those compiling kernels for 64-bit processors will have NX support ready to go.
If you are interested in even more security in Linux, take a look at SELinux, Adamantix, and Hardened Gentoo. OpenBSD has a feature called W^X that supports the NX bit non-x86 processors such as Alpha, HP-PA, and SPARC. OpenBSD 3.3, the first to have W^X, shipped in May 2003. PaX (http://pax.grsecurity.net/) is another patchset for Linux that isn't integrated and aims for tighter NX protections. They have a lot of detail on their website about how it works, which is interesting reading, but it is not a part of the Linux kernel yet. Solaris 10 is slated to support NX on x86. Sun's documentation says that an NX violation will likely caus a SIGSEGV, commonly known as a segmentation fault to Linux and UNIX users, which will terminate the process immediately.
In conclusion, NX bits are nothing new in the computer industry - they're new to the desktop x86 Wintel computer. While NX support is available in Windows XP Service Pack 2, it's limited on older hardware since the processor needs to support the NX bit. However, NX is not going to end all computer security issues. Good computing practices will keep you afloat, and if Windows is not running on your computer, a lot of the alternative operating systems will support NX.
I'd like to thank you for coming out to DevHardware for a look at the no execute bit and its effects. If you have any questions, comments, or concerns, voice them in our forums or go back to the main page for more hardware news and reviews.
| DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware. |
