paxctl <flags> <files>
paxctl is a tool that allows PaX flags to be modified on a per-binary
basis. PaX is part of common security-enhancing kernel patches and
secure distributions, such as GrSecurity or Adamantix and Hardened Gen-
too, respectively. Your system needs to be running a properly patched
and configured kernel for this program to have any effect.
-P enforce paging based non-executable pages (PAGEEXEC)
-p do not enforce paging based non-executable pages (NOPAGEEXEC)
-E emulate trampolines (EMUTRAMP)
-e do not emulate trampolines (NOEMUTRAMP)
-M enforce secure memory protections (MPROTECT)
-m do not enforce secure memory protections (NOMPROTECT)
-R randomize memory regions (RANDMMAP)
-r do not randomize memory regions (NORANDMMAP)
-X randomize base address of normal (ET_EXEC) executables (RAN-
-x do not randomize base address of normal (ET_EXEC) executables
-S enforce segmentation based non-executable pages (SEGMEXEC)
-s do not enforce segmentation based non-executable pages (NOSEG-
-v view flags
-z restore default flags (further flags still apply)
-c create the PT_PAX_FLAGS program header if it does not exist by
converting the PT_GNU_STACK program header if it exists
-C create the PT_PAX_FLAGS program header if it does not exist by
adding a new program header, if it is possible
-q suppress error messages
-Q report flags in short format
The old PaX flag location and control method have been obsoleted, if
Note that paxctl does not make backup copies of the files it modifies.
Written by The PaX Team <email@example.com>
This manpage was adapted from the chpax manpage written by Martin F.
Krafft <firstname.lastname@example.org> for the Debian GNU/Linux Distribution, but
may be used by others.
PaX website: http://pax.grsecurity.net
GrSecurity website: http://www.grsecurity.net
Adamantix website: http://adamantix.org
Hardened Gentoo website: http://www.gentoo.org/proj/en/hardened
paxctl Manual 2006-06-18 paxctl(1)
Man Pages Copyright Respective Owners. Site Copyright (C) 1994 - 2017
All Rights Reserved.