System Administration Guide: Security Services

ProcedureHow to Disable Programs From Using Executable Stacks

For a description of the security risks of executable stacks, see Preventing Executable Files From Compromising Security.

  1. Assume the Primary Administrator role, or become superuser.

    The Primary Administrator role includes the Primary Administrator profile. To create the role and assign the role to a user, see Chapter 2, Working With the Solaris Management Console (Tasks), in System Administration Guide: Basic Administration.

  2. Edit the /etc/system file, and add the following line:

    set noexec_user_stack=1
  3. Reboot the system.

    # init 6

Example 6–13 Disabling the Logging of Executable Stack Messages

In this example, the logging of executable stack messages is disabled, and then the system is rebooted.

# cat /etc/system
set noexec_user_stack=1
set noexec_user_stack_log=0
# init 6