Introducing W^X: A better page permission policy Many bugs are exploitable because the address space has memory that is both writeable and executable (permissions = W | X) this location has to be executable for the exploit to work We could make the stack non-executable... Hmmmm... how about a generic policy for the whole address space: A page may be either writeable or executable, but not both (unless the program specifically requests) We call this policy W ^ X (W xor X) Let's see how far we can apply it!