Re: OEM Policy Violation for Execute Stack

On Sun, Mar 2, 2014 at 4:29 PM, David Roberts < big.dave.roberts_at_googlemail.com> wrote:

> I think that this explains it to a greater depth than I understand it:
> http://en.wikipedia.org/wiki/NX_bit
>
> Which I found via this bilingual page:
> http://m.blog.csdn.net/blog/anddyhua/9174609
>
> As I understand it, some chips enable segregation of code from data in
> hardware as a way to eliminate buffer overrun security issues.
>
> For this to be most effective the operating system needs to make sure that
> the data written to the stack is located in an area that the chip
> understands as data and should never be executed.
>
> HTH.
>
> Dave
>
>
> On Wed, Feb 26, 2014 at 2:08 PM, Jay Hostetter <hostetter.jay_at_gmail.com>wrote:
>
>> I inherited an environment, and I am going through the various policy
>> violations in OEM (11.1.0.1). The target databases are primarily
>> 11.2.0.3. All of my hosts have a policy violation "warning" for the
>> "Execute Stack" policy, which says to "Ensure that the OS configuration
>> parameter, which enables execution of code on the user stack, is not
>> enabled." I have been searching docs, Oracle Support, and the internet,
>> but have found almost nothing which tells me more specifics about this
>> check. The underlying metric is "executeStackRep". The host OS is SUSE
>> Linux Enterprise 11. I'd appreciate it if anyone could point me in the
>> right direction for understanding this warning.
>>
>> Thank you,
>> Jay
>>
>
>

--
http://www.freelists.org/webpage/oracle-l