W^x

W^X

W^X ("Write XOR Execute"; spoken as double-u ex-or ex) is the name of a security feature present in the OpenBSD operating system. It is a memory protection policy whereby every page in a process' address space is either writable or executable, but not both simultaneously (the name comes from the XOR Boolean operator). W^X does not prevent these permissions from being requested by applications, write and executable permissions are not used as a matter of policy. The OpenBSD base system has been modified to comply with it. This alleviates some buffer overflow attacks, including the most common stack-based attack: by ensuring that the stack is not executable, arbitrary code injected into it will not execute but instead cause the program to terminate. W^X first appeared in OpenBSD 3.3, released May 2003. Similar features are available for other operating systems, including the PaX and Exec Shield patches for Linux, and NetBSD 4+'s implementation of PaX.

Read more about W^x.