Enables the stack to be marked as nonexecutable, which helps make buffer-overflow attacks more difficult.
A Solaris system running a 64-bit kernel makes the stacks of all 64-bit applications nonexecutable by default. Setting this parameter is necessary to make 32-bit applications nonexecutable on systems running 64-bit or 32-bit kernels.
This parameter exists on all systems running the Solaris 2.6, 7, 8, 9, or 10 releases, but it is only effective on 64–bit SPARC and AMD64 architectures.
0 (disabled) or 1 (enabled)
Yes. Does not affect currently running processes, only processes created after the value is set.
Should be enabled at all times unless applications are deliberately placing executable code on the stack without using mprotect to make the stack executable. For more information, see mprotect(2).
For information, see noexec_user_stack (Solaris 9 Releases).