Uzbl does anonymous mappings, so PaX will kill it and something similar to this will be logged:
PAX: From 79.144.197.25: execution attempt in: , a0ed8000-a0ee4000 a0ed8000
PAX: terminating task: /usr/bin/uzbl(uzbl):32099, uid/euid: 0/0, PC: a0ed824c, SP: b54af27c
PAX: bytes at PC: 59 89 4f ec c7 07 0a 00 00 00 c7 47 04 0a 00 00 00 c7 47 08
PAX: bytes at SP-4:
This flags work:
# paxctl -v /usr/bin/uzbl
PaX control v0.5
Copyright 2004,2005,2006,2007 PaX Team
- PaX flags: P-S--mX-E-R- [/usr/bin/uzbl]
PAGEEXEC is enabled
SEGMEXEC is enabled
MPROTECT is disabled
RANDEXEC is enabled
EMUTRAMP is enabled
RANDMMAP is enabled
Note: for gcc >= 4 then use chpax, for gcc < 4 use paxctl.
This is how to set it up:
# paxctl -PEmRXS /usr/bin/uzbl