# ChangeLog for sys-apps/paxctl # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2 # $Header: /var/cvsroot/gentoo-x86/sys-apps/paxctl/ChangeLog,v 1.19 2006/08/16 18:12:05 corsair Exp $ 16 Aug 2006; Markus Rothe paxctl-0.4.ebuild: Stable on ppc64 18 Jul 2006; Michael Hanselmann paxctl-0.4.ebuild: Stable on ppc. 09 Jul 2006; paxctl-0.4.ebuild: - stable on x86 *paxctl-0.4 (25 Jun 2006) 25 Jun 2006; -paxctl-0.2.ebuild, +paxctl-0.4.ebuild: - new version. This version obsoletes the need for chpax all together with the introduction of the -C flag which can create a new PT_PAX_FLAGS phdr in ELF 32/64 bit files 29 Mar 2006; Kevin F. Quinn paxctl-0.3-r1.ebuild: Set ${S} and contents to group & world readable - bug #127998 03 Dec 2005; Tom Gall paxctl-0.3.ebuild: stable on ppc64 18 Oct 2005; Gustavo Zacarias paxctl-0.3.ebuild: Stable on sparc 23 Aug 2005; Aron Griffis paxctl-0.3.ebuild: stable on ia64 *paxctl-0.3-r1 (13 Jun 2005) 13 Jun 2005; Kevin F. Quinn +files/paxctl-0.3-error-codes.patch, +paxctl-0.3-r1.ebuild: - return EXIT_FAILURE when paxctl fails to do as requested 10 Jun 2005; paxctl-0.3.ebuild: - stable on x86/ppc/amd64 *paxctl-0.3 (03 May 2005) 03 May 2005; +paxctl-0.3.ebuild: - new paxctl release. new version includes ability to reuse/rename existing unneeded program header into PT_PAX_FLAGS 01 Apr 2005; Aron Griffis paxctl-0.2.ebuild: stable on ia64 17 Mar 2005; Daniel Ostrow paxctl-0.2.ebuild: ~ppc64 for testing 22 Jul 2004; paxctl-0.2.ebuild: marked paxctl stable on x86 now that min-version binutils is in stable 21 Jul 2004; Travis Tilley paxctl-0.2.ebuild: stable on amd64 30 Jun 2004; Aron Griffis paxctl-0.2.ebuild: sync IUSE (missing), glibc -> libc *paxctl-0.2 (18 Feb 2004) 18 Feb 2004; : This is paxctl for controlling PaX flags on a per binary basis. PaX is an intrusion prevention system that provides the best protection mechanisms against memory corruption bugs. Some applications are not compatible with certain features (due to design or bad engineering) and therefore they have to be exempted from certain enforcements. It is also possible to use PaX in soft mode where none of the protection mechanisms are active by default - here paxctl can be used to turn them on for selected programs (e.g., network daemons, programs that process network data such as mail clients, web browsers, etc). PaX and paxctl work on ELF executables, both of the standard ET_EXEC and the newer ET_DYN kind (older PaX releases referred to the latter as ET_DYN executables, these days they are called Position Independent Executables or PIEs for short).