Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:96872
Return-Path: <pthreads@pthreads.org>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 74519 invoked from network); 13 Nov 2016 06:36:59 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 13 Nov 2016 06:36:59 -0000
Authentication-Results: pb1.pair.com header.from=pthreads@pthreads.org; sender-id=unknown
Authentication-Results: pb1.pair.com smtp.mail=pthreads@pthreads.org; spf=permerror; sender-id=unknown
Received-SPF: error (pb1.pair.com: domain pthreads.org from 74.125.82.65 cause and error)
X-PHP-List-Original-Sender: pthreads@pthreads.org
X-Host-Fingerprint: 74.125.82.65 mail-wm0-f65.google.com  
Received: from [74.125.82.65] ([74.125.82.65:33562] helo=mail-wm0-f65.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 40/35-31581-70A08285 for <internals@lists.php.net>; Sun, 13 Nov 2016 01:36:57 -0500
Received: by mail-wm0-f65.google.com with SMTP id u144so6697006wmu.0
        for <internals@lists.php.net>; Sat, 12 Nov 2016 22:36:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=pthreads-org.20150623.gappssmtp.com; s=20150623;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :cc;
        bh=IlUn5lbJV+dIo5vRGVTTJAC2O1unEUpRBJ66EAmVYyc=;
        b=PQX2e6zZjAmiI/QaKkQejBvm2JtkjK3sA9jw7GcYafnWSXRSGw6INqRWtQbOXc5B4S
         UCcEchpTcdCE+b4Sfgr9/VgVDfPRRrvMSk19+GGYZr3U/kM1dO/IWfL+umZVMkwWeBMM
         Ztb+A3X9hTMCuDhoxIoDlt3oKeYDe+Ux+opFVFSBD6So0Nt/pHOQt/DezJcrutrhoQhy
         1LvCaiuI2Zpd/AwDY8+ehmFJBwd4MauuCdf30taYjNUu9iEk9OuV4FyqSMl31+h/LGkd
         b26dLpggn+kN/j7cVNqzC3PXFjpOxCl0PXMWbohSWyMDm1egdU2lE6xrLY1q8CeeMGF4
         /FYA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20130820;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to:cc;
        bh=IlUn5lbJV+dIo5vRGVTTJAC2O1unEUpRBJ66EAmVYyc=;
        b=HS9TEVChwf2V8cSwpgp+eooB9TOLi++ee9g41sKNfe9j/lrHl1Ny6xvphwBYsDnzRf
         0UTElZo73r70ZglFr9f72IKKAouuLw/3smPUYoOvcxjh/VVedzn/JvKlqO0uNGWFiomT
         QTgjY0kYYXnrMyTJHNH1CldOuXONwCWYdCB7FUQ9LVpBVT4NiMl30uEeySypHbaXdxNv
         FjB/HcRqYCeyuq4HFBnco00PsxRYgyKLVg64ilIORievMpgeuAwUMmUZNaJVKz2r2Aia
         WP2qDYlTevfY96YP/tewO08iGR5kFDSFs8Es2Aiq1cEc25CVo97qp6PO2Ojb7XwqK0MH
         1ijA==
X-Gm-Message-State: ABUngvehZShrXAuYktEsRcKaRkPUsMu6C5plyIRcMeQg+H/3//ZQDk16y3iH28rkhfpnOmwgAn8uyI4+WWhhbw==
X-Received: by 10.194.188.9 with SMTP id fw9mr7388687wjc.213.1479019012136;
 Sat, 12 Nov 2016 22:36:52 -0800 (PST)
MIME-Version: 1.0
Received: by 10.80.142.81 with HTTP; Sat, 12 Nov 2016 22:36:51 -0800 (PST)
X-Originating-IP: [109.157.245.230]
In-Reply-To: <0ca201d23d22$e3d623d0$ab826b70$@belski.net>
References: <5eea66e9-0e47-852a-8720-7c7a6a0d2224@gmx.de> <0ca201d23d22$e3d623d0$ab826b70$@belski.net>
Date: Sun, 13 Nov 2016 06:36:51 +0000
Message-ID: <CAL=_i_=VpCtNWzF5re7h7puvRNpFED=g+E+g3hyko_z64d9xXg@mail.gmail.com>
To: Anatol Belski <anatol.php@belski.net>
Cc: "Christoph M. Becker" <cmbecker69@gmx.de>, PHP internals <internals@lists.php.net>
Content-Type: multipart/alternative; boundary=047d7beb9098d5b763054128f230
Subject: Re: [PHP-DEV] PaX MPROTECT / W^X protection
From: pthreads@pthreads.org (Joe Watkins)

--047d7beb9098d5b763054128f230
Content-Type: text/plain; charset=UTF-8

Morning,

Just wanted to give a thumbs up to documenting the issue ...

Trying to work around it with platform/distro/kernel specific solutions,
sounds quite horrible, and is bound to be fragile.

Cheers
Joe

On Sat, Nov 12, 2016 at 8:25 PM, Anatol Belski <anatol.php@belski.net>
wrote:

> Hi Christoph,
>
> > -----Original Message-----
> > From: Christoph M. Becker [mailto:cmbecker69@gmx.de]
> > Sent: Friday, November 11, 2016 7:40 PM
> > To: internals@lists.php.net
> > Subject: [PHP-DEV] PaX MPROTECT / W^X protection
> >
> > Hi!
> >
> > There are currently at least two unresolved tickets[1][2] in our bug
> tracker
> > regarding PaX MPROTECT / W^X protection issues with regard to PCRE JIT.
> The
> > problem is that PCRE JIT mmaps W|X pages[3], what is no longer allowed on
> > several platforms, such as OpenBSD, FreeBSD and SELinux.  It seems that
> there
> > are workarounds (e.g. using paxctl to allow W|X mapping[1], or mounting
> with
> > wxallowed[4]), but these appear to be very system specific.
> >
> > My best idea to resolve the reports is to document this issue.  Maybe
> somebody
> > has a better idea?
> >
> AFM, the linked tickets are not about an issue in PHP. There are just
> systems, or system configurations, that are very security oriented. If some
> feature is disabled on the system level, there's not much PHP can do. To
> compare - it were wrong same way to say atime doesn't work in PHP, if
> indeed a volume is mounted with atime disabled. Any issue, that is only to
> be solved by the system configuration, is a configuration issue in the most
> case. So the documentation is probably the only what we can do in the case.
>
> Regrads
>
> Anatol
>
>
>
> --
> PHP Internals - PHP Runtime Development Mailing List
> To unsubscribe, visit: http://www.php.net/unsub.php
>
>

--047d7beb9098d5b763054128f230--