* [gentoo-user] Activating NX-bit on AMD64, solved (I think), and a warning.
@ 2006-04-02 22:38 Walter Dnes
0 siblings, 0 replies; only message in thread
From: Walter Dnes @ 2006-04-02 22:38 UTC (permalink / raw
To: Gentoo Users List
A few days ago, I asked how to do it. I stumbled across the answer
whilst browsing Google on an entirely different topic. The answer is to
add the parameters "noexec=on" and "noexec32=on" to the boot line. I've
added it via "append" lines in /etc/lilo.conf
#
# Linux bootable partition config begins
#
image = /boot/kernel-2.6-production
root = /dev/sda1
label = Production
read-only # read-only for checking
append = "noexec=on noexec32=on"
image = /boot/kernel-2.6-experimental
root = /dev/sda1
label = Experimental
read-only # read-only for checking
append = "noexec=on noexec32=on"
#
# Linux bootable partition config ends
#
And now for the unrelated part, and the warning. I was reading up on
GRUB, in case I decide to go 64-bit mode in the near future. Apparently,
GRUB will *NOT* install if noexec/noexec32 are enabled. You have to
turn them off before installing GRUB.
--
Walter Dnes <waltdnes@waltdnes.org> In linux /sbin/init is Job #1
My musings on technology and security at http://tech_sec.blog.ca
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2006-04-02 22:45 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-04-02 22:38 [gentoo-user] Activating NX-bit on AMD64, solved (I think), and a warning Walter Dnes
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox