On 10 Jun 2012 at 17:46, René Rhéaume wrote: > I have a somewhat crazy idea to run JIT code with mprotect enforced: > instead of putting the generated code into anonymous memory, why not put it > as a shared library inside a tmpfs, the the host program simply call dlopen > on it? This way, we would have JIT code (faster than interpreted code), > ahead-of-time compiled code keeps all mprotect restrictions in place. JIT > code would also benefit from ASLR. > > What do you think?
ever read http://pax.grsecurity.net/docs/mprotect.txt ? ;)
