paxctl


SYNTAX
       paxctl <flags> <files>

DESCRIPTION
       paxctl  is  a tool that allows PaX flags to be modified on a per-binary
       basis.  PaX is part of common  security-enhancing  kernel  patches  and
       secure distributions, such as GrSecurity or Adamantix and Hardened Gen-
       too, respectively.  Your system needs to be running a properly  patched
       and configured kernel for this program to have any effect.

       -P     enforce paging based non-executable pages (PAGEEXEC)

       -p     do not enforce paging based non-executable pages (NOPAGEEXEC)

       -E     emulate trampolines (EMUTRAMP)

       -e     do not emulate trampolines (NOEMUTRAMP)

       -M     enforce secure memory protections (MPROTECT)

       -m     do not enforce secure memory protections (NOMPROTECT)

       -R     randomize memory regions (RANDMMAP)

       -r     do not randomize memory regions (NORANDMMAP)

       -X     randomize  base  address  of  normal (ET_EXEC) executables (RAN-
              DEXEC)

       -x     do not randomize base address of  normal  (ET_EXEC)  executables
              (NORANDEXEC)

       -S     enforce segmentation based non-executable pages (SEGMEXEC)

       -s     do  not  enforce segmentation based non-executable pages (NOSEG-
              MEXEC)

       -v     view flags

       -z     restore default flags (further flags still apply)

       -c     create the PT_PAX_FLAGS program header if it does not  exist  by
              converting the PT_GNU_STACK program header if it exists

       -C     create  the  PT_PAX_FLAGS program header if it does not exist by
              adding a new program header, if it is possible

       -q     suppress error messages

       -Q     report flags in short format

CAVEATS
       The old PaX flag location and control method have  been  obsoleted,  if

       Note that paxctl does not make backup copies of the files it modifies.

AUTHOR
       Written by The PaX Team <pageexec@freemail.hu>

       This manpage was adapted from the chpax manpage written  by  Martin  F.
       Krafft  <madduck@debian.org> for the Debian GNU/Linux Distribution, but
       may be used by others.

SEE ALSO
       chpax(1), gradm(8)

       PaX website: http://pax.grsecurity.net

       GrSecurity website: http://www.grsecurity.net

       Adamantix website: http://adamantix.org

       Hardened Gentoo website: http://www.gentoo.org/proj/en/hardened



paxctl Manual                     2006-06-18                         paxctl(1)
Man Pages Copyright Respective Owners. Site Copyright (C) 1994 - 2017 Hurricane Electric. All Rights Reserved.