• Creator
  • #2196516

    What does “/noexecute=optin” mean in boot.ini file?


    by dhart131 ·

    /noexecute=optin is part of a line in a boot.ini file and I am wondering what it does.

All Answers

  • Author
    • #3041657


      by dhart131 ·

      In reply to What does “/noexecute=optin” mean in boot.ini file?


    • #3041656

      From the horse’s mouth:

      by seanferd ·

      In reply to What does “/noexecute=optin” mean in boot.ini file?

      “The /noexecute parameter enables Data Execution Prevention (DEP), a set of hardware and software technologies designed to prevent harmful code from running in protected memory locations.”

    • #2859525

      Number 2 out of 4…

      by tobif ·

      In reply to What does “/noexecute=optin” mean in boot.ini file?

      Out of four possible states for data execution prevention, this is the second weakest.

      DEP, Data execution prevention is hardware control, where the processor will not allow execution of some bytes, if they are in a location that was marked as DATA, rather than EXECUTABLE.

      Whenever you read about a security patch for a “buffer overun”, know that DEP could have helped to prevent this problem.

      Unfortunately, many computer programs are poorly written and mix data and program instructions in such a way that one can’t use this good security measure. (As far as I know, however, 64bit versions of windows enforce DEP to be on at all times.)

      On 32-bit windows platforms, there are 4 possible policies that can be declared. They are, from weakest to strongest:

      The default value is opt-in, where DEP will be applied only for those computer programs, which declare that DEP should be used.
      Opt-out enables DEP, but allows the program to opt-out.
      The other two options are self explanatory, I hope.

      On my computer, I changed long time ago to OPTOUT, and (knock on wood), haven’t noticed any misbehaving programs. This means that I managed to raise the security a lot.

      Hope this helps.

      • #2859429

        Thank you

        by dhart131 ·

        In reply to Number 2 out of 4…

        Thanks for satisfying my curiousity. I was trying to figure out if it had anything to do with my safe mode login Post. Now I now it does not.

Viewing 2 reply threads