Path: ...!feeds.phibee-telecom.net!weretis.net!feeder8.news.weretis.net!news.swapon.de!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!nnrp.usenet.blueworldhosting.com!.POSTED!not-for-mail
From: Andrew <andrew@spam.net>
Newsgroups: comp.mobile.android
Subject: What do you know about WX policy in Android?
Date: Wed, 12 Jun 2024 05:36:08 -0000 (UTC)
Organization: BWH Usenet Archive (https://usenet.blueworldhosting.com)
Message-ID: <v4bc47$2qg1$1@nnrp.usenet.blueworldhosting.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Injection-Date: Wed, 12 Jun 2024 05:36:08 -0000 (UTC)
Injection-Info: nnrp.usenet.blueworldhosting.com;
	logging-data="92673"; mail-complaints-to="usenet@blueworldhosting.com"
Cancel-Lock: sha1:uvkWOuerU1Y799Ei9H/NjpqvTvc= sha256:Bj4nPv0jjWpPFIRpPyR3vnM7QuLM1FwDHhQ7iPTxd4c=
	sha1:jH9j5zBDdWuWh1dmQ3iUw0SiN/Y= sha256:gIrDVkAml9Ywi64JlTXn9saKHUDUGkLU8gq5i14/TQ4=
X-Newsreader: PiaoHong.Usenet.Client.Free:1.65
Bytes: 2582
Lines: 31

I happened to have installed this app just now & took a look at it in the
Muntashirak App Manager, which said it violates Write or Execute policy...
 <https://play.google.com/store/apps/details?id=com.alextern.shortcutexecutors>

WX <https://i.postimg.cc/pyMxZvkx/wx.jpg>
  The app violates W^X policy and is capable of
  writing and executing in the same directory or
  in the same portion of memory. This allows 
  the execution of arbitrary executables either
  by the modification of executables embedded
  within the app or by downloading them from
  the Internet. Unless this is the intended
  behavior of the app (e.g. terminal emulators),
  it is recommended to find a newer version of
  the app that targets SDK 29 (Android 10) and
  later, or find alternatives.

 <https://en.wikipedia.org/wiki/W%5EX>
 W^X ("write xor execute", pronounced W xor X) is a security 
 feature in operating systems and virtual machines. It is a 
 memory protection policy whereby every page in a process's 
 or kernel's address space may be either writable or executable, 
 but not both. 

 Without such protection, a program can write (as data "W") 
 CPU instructions in an area of memory intended for data and 
 then run (as executable "X"; or read-execute "RX") those instructions. 

 This can be dangerous if the writer of the memory is malicious. 
 W^X is the Unix-like terminology for a strict use of the general
 concept of executable space protection, controlled via the 
 mprotect system call.