This is the command paxctl that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator
PROGRAM:
NAME
paxctl - user-space utility to control PaX flags
SYNTAX
paxctl <flags> <files>
DESCRIPTION
paxctl is a tool that allows PaX flags to be modified on a per-binary basis. PaX is part
of common security-enhancing kernel patches and secure distributions, such as GrSecurity
and Hardened Gentoo, respectively. Your system needs to be running a properly patched and
configured kernel for this program to have any effect.
-P enforce paging based non-executable pages (PAGEEXEC)
-p do not enforce paging based non-executable pages (NOPAGEEXEC)
-E emulate trampolines (EMUTRAMP)
-e do not emulate trampolines (NOEMUTRAMP)
-M enforce secure memory protections (MPROTECT)
-m do not enforce secure memory protections (NOMPROTECT)
-R randomize memory regions (RANDMMAP)
-r do not randomize memory regions (NORANDMMAP)
-X randomize base address of normal (ET_EXEC) executables (RANDEXEC)
-x do not randomize base address of normal (ET_EXEC) executables (NORANDEXEC)
-S enforce segmentation based non-executable pages (SEGMEXEC)
-s do not enforce segmentation based non-executable pages (NOSEGMEXEC)
-v view flags
-z reset all flags (further flags still apply)
-c create the PT_PAX_FLAGS program header if it does not exist by converting the
PT_GNU_STACK program header if it exists
-C create the PT_PAX_FLAGS program header if it does not exist by adding a new program
header, if it is possible
-q suppress error messages
-Q report flags in short format
CAVEATS
The old PaX flag location and control method have been obsoleted, if your kernel and
binaries use it you have to use chpax(1) instead (it is recommended to use PT_PAX_FLAGS
along with -c or -C however).
Converting PT_GNU_STACK into PT_PAX_FLAGS means that the information in the former is
destroyed, in particular you must make sure that the EMUTRAMP PaX option is properly set
in the newly created PT_PAX_FLAGS. The secure way is to disable EMUTRAMP first and if PaX
reports stack execution attempts from nested function trampolines then enable it.
Note that the new PT_PAX_FLAGS is created in the same state that binutils/ld itself would
produce (equivalent to -zex).
Note that if you use both PT_PAX_FLAGS and the extended attribute PaX flags on a binary
then they must be exactly the same (except for RANDEXEC).
Note that RANDEXEC is no longer supported by PaX kernels since 2.6.13, the paxctl flags
are simply ignored there.
Note that paxctl does not make backup copies of the files it modifies.
Note that paxctl is meant to work on the native architecture's binaries only, however it
should work on foreign binaries as long as they have the same endianess as the native
architecture (e.g., an i386 paxctl should work on amd64 or little-endian arm but not on
big-endian mips binaries).
Use paxctl online using onworks.net services