Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon, 6 Aug 2012 08:55:32 +0100
From: Justin Cormack <justin@...cialbusservice.com>
To: musl@...ts.openwall.com
Subject: Re: noexecstack

On Mon, Aug 6, 2012 at 8:16 AM, Daniel Cegiełka
<daniel.cegielka@...il.com> wrote:
> 2012/8/6 orc <orc@...server.ru>:
>> On Sun, 5 Aug 2012 23:35:36 +0200
>
>> Correct me if I'm wrong, but this is ugly stuff.
>>
>> - binutils ld has -z noexecstack command line option.
>> - this (GNU_STACK) is binutils-specific (tinycc, for example, does not
>>   generate ELFs with that section, and future direction should be on
>>   that plain ELFs without any gnuish extensions IMO)
>> - Kernel sets executable stack by default, kernel can be patched not to
>>   do that (that's one line patch per architecture)
>
> Can you give some example of how to do it? It might be worthwhile to
> introduce it into the main repository of Linux. What do you think?

That seems very sane to me. CONFIG_EXEC_STACK=n or something. I
imagine the distros would pick it up pretty fast. (Unless it breaks
Oracle or something, but at least the option is there, and it doesnt
rule out any of the other options).

Justin

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.