| file | last update | comment |
| docs | 2003.11.29 14:35 GMT | design & implementation of PaX. |
| linux 2.2.26 | 2004.11.06 13:35 GMT | backport from 2.4 with all features, but only i386 is known to work, other architectures may not even compile - feedback is welcome. |
| linux 2.4.28 | 2004.11.25 23:50 GMT | new configuration system supporting soft mode and sysctl and a new (and hopefully final) location for the PaX control flags, you'll need the binutils patch and paxctl to make use of it. |
| linux 2.6.7 | 2004.11.06 13:35 GMT |
forward port from 2.4 with some extra features, but only i386 is known
to work, other architectures may not even compile - feedback is welcome.
added preliminary ppc64 support.
NOTE: all versions for 2.6 before 2004.05.01 have a local kernel denial of service bug, thanks to ChrisR for bringing it to our attention. |
| binutils 2.14.90.0.8 | 2004.02.04 21:40 GMT | adds PT_PAX_FLAGS program header support to binutils/ld, the old ELF header marking scheme (EI_PAX) has been deprecated. |
| binutils 2.15.92.0.2 | 2004.11.06 16:15 GMT | adds PT_PAX_FLAGS program header support to binutils/ld, the old ELF header marking scheme (EI_PAX) has been deprecated. note that this binutils also has support for -z relro and -z now, their use is highly encouraged. |
| paxctl v0.2 | 2004.02.10 20:20 GMT | new PaX control program when you use the PT_PAX_FLAGS marking available in PaX patches after 2004.02.04 (highly recommended). supports alpha, i386, ia64, mips, mips64, parisc, ppc, sparc, sparc64 and x86_64. |
| chpax v0.7 | 2004.06.22 20:00 GMT | obsolete version, use it for PaX patches released after 2003.02.03 or if you want to use the EI_PAX marking in PaX patches released after 2004.02.04. supports alpha, i386, ia64, mips, mips64, parisc, ppc, ppc64, sparc, sparc64 and x86_64. |
| chpax.old.c | 2002.12.31 18:35 GMT | obsolete version, use it for PaX patches released before 2003.02.03. |
| chpax.sh chpax.cfg | 2002.12.12 21:35 GMT | this script and its sample configuration contributed by Markus Gutschke allow one to keep chpax flags up-to-date when files change. |
| et_dyn.tar.gz | 2003.08.10 23:55 GMT | documentation and example on how to create dynamic ELF executables, this is needed to achieve full address space layout randomization. |
| paxtest v0.9.5 | 2003.11.04 21:45 GMT | PaX regression test suite developed by Peter Busser for Adamantix. |
| PaX obscurity patch | 2003.08.30 22:23 GMT | Basic information leaking prevention patch for PaX by Julien TINNES. |
Share and enjoy,
The PaX Team
| the first independent Windows NT/2000/XP implementation by SecureWave (broken link) |
| the second independent Windows NT/2000/XP implementation by Data Security Software |
| the third independent Windows NT/2000/XP implementation by Sys-Manage A. Denter e.K. |
| the fourth independent Windows NT/2000/XP implementation by Next Generation Security Technologies |
| Microsoft, albeit four years late and relying on special CPU support, puts PAGEEXEC into Windows |
| PaX is part of grsecurity |
| PaX is part of Adamantix (Trusted Debian) |
| PaX (grsecurity) is part of Hardened Gentoo |
| PaX features are part of OpenBSD (MagicPoint presentation) |
| non-executable stack pages based on the segmentation logic implemented by the Openwall Project |
| non-executable stack and heap pages based on the segmentation logic implemented in RSX |
| non-executable stack and heap pages based on the segmentation logic implemented in kNoX |
| non-executable stack and heap pages based on the segmentation logic implemented in Exec Shield |