Date: Sun, 5 Aug 2012 18:45:01 -0400 From: Rich Felker <dalias@...ifal.cx> To: musl@...ts.openwall.com Subject: Re: noexecstack On Sun, Aug 05, 2012 at 03:01:08PM -0700, Nathan McSween wrote: > On Sun, Aug 5, 2012 at 2:46 PM, Rich Felker <dalias@...ifal.cx> wrote: > > On Sun, Aug 05, 2012 at 11:35:36PM +0200, Daniel Cegiełka wrote: > >> Vasily Kulikov published a patch for nonexecutable stack for glibc in Owl. > >> > >> http://openwall.com/lists/owl-dev/2012/08/05/1 > >> http://openwall.com/lists/owl-dev/2012/08/05/3 > >> > >> Should we support this in the musl? > > > > Yes, but there should be a way to do it without putting ugly stuff > > like this in every single asm file. Why isn't there a command-line > > option to the assembler to do it? Or a way to do it globally with > > objcopy? > > > > Better yet, why is executable stack even still supported by Linux at > > all? > > > > Rich > > GCC nested functions require executable stack Yes, I'm aware... > and consequently quite a > few GNU / bad projects utilize this 'feature'. I doubt they do anymore since, as far as I know, most security-hardened kernels permanently disable executable stack even in programs that "request" it (by failing to put a GNU-specific header not requesting it). A while back I had to fix musl's thread stack allocation to use PROT_READ|PROT_WRITE without PROT_EXEC because hardened kernels were refusing to make the mapping altogether with both PROT_WRITE and PROT_EXEC specified. So at present, executable stack is not supported in musl anyway except in the main thread, and I'd be plenty happy to just kill it off completely if there were a way.. Rich
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.