No eXecute bit or Data execution prevention
Hi all, we are adopting CIS critical control and one of it is to enable ASLR and DEP (No execute bit)
i understand that ASLR is fully enabled with the below output:
kernel.randomize_va_space = 2
But how may i confirm if DEP / NX (no eXecute bit) is enabled?
the output of running: # dmesg | grep '[NX|DX]*protection'
[ 0.000000] NX (Execute Disable) protection: active
Does the above output indicate that the no Execute bit is active and enable?
Thank you in advanced.