Slashdot Mirror

← Back to Stories (view on slashdot.org)

Red Hat Introduces NX Software Support For Linux

Posted by timothy on from the founder-and-leader dept.

abertoll writes "In this story at ZDnet, Red Hat has apparently added NX support to Linux. NX security technology is a hardware attempt at stopping malicious code." (We recently posted about Transmeta's announcement that its chips will incorporate the NX bit as well.)

5 of 188 comments (clear)

  1. Re:diff? by sploo22 · · Score: 4, Insightful
    Did you even look at it?
    $ wc -l nx-2.6.7-rc2-bk2-AE
    518 nx-2.6.7-rc2-bk2-AE
    It's smaller than most, but still not exactly trivial.
    --
    Karma: Segmentation fault (tried to dereference a null post)
  2. There you go by Anonymous Coward · · Score: 4, Insightful

    ... all those fellow /.'ers who cried out loud "we don't want no DRM" when they first read the titles of the stories about NX support in upcoming procs, without even bothering to understand WTH NX is for, and kept and kept writing idiotic comments about how evil Windows must be because it now supports NX (which they seriously thought was some form of ah-so-evil DRM feature)

    See, NX is a good thing, now even Linux has support for it :) I am happy that you will now have an opportunity to open your minds to this fine new technology.

    Cheers.

  3. A cross between... by 3)+profit!!! · · Score: 5, Insightful

    This "NX" stuff to separate data and instructions is sort of like crossing current CPUs' Von Neumann architecture with a Harvard architecture type of chip, where the storage is actually separate from the executable code.

  4. Fine No Execute by oldstrat · · Score: 4, Insightful

    This is all well and good, but is certainlly not a panacia.
    No execute means that somewhere, somehow there will be an override and the day the override is used the virus' will follow by tricking (and explaining how) to the user why this is needed and bingo, it's in.

    And of course I could be completely wrong in that this no execute bit does not exist on older processors and that in itself is going to cause problems. Intel has xbit on newer processors, but what about AMD, VIA, whoever else? Is this part of the Intel half of the WinTel duopoly?

    I think it's probably a good idea, but I'm suspicious.

  5. NX, Impressive! The processor has learned well! by doublebackslash · · Score: 4, Insightful

    Now it is time for you, young grsshopper, to learn as well.
    translation:
    Malicious code executing itself via a buffer overflow is actually one of the lesser evils in the virus world. Most users will gladly allow anything to run on their box, especially if it does something cool (time, weather, cutesy things, etc), and with everyone being root on Windows boxes, this means the program can do whatever the hell it wants and windows won't say anything/much.
    The NX bit is great, especially for servers where generally the only kind of attack is a buffer overflow. Like I said the procesor has learned well, but the users must learn also.

    --
    md5sum /boot/vmlinuz
    d41d8cd98f00b204e9800998ecf8427e /boot/vmlinuz