tech-toolchain archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Trouble with new GNU_STACK segment



On Sat, Nov 07, 2015 at 03:20:00PM -0500, Christos Zoulas wrote:
> On Nov 7,  8:17pm, martin%duskware.de@localhost (Martin Husemann) wrote:
> -- Subject: Re: Trouble with new GNU_STACK segment
> 
> | On Sat, Nov 07, 2015 at 06:54:19PM +0000, Christos Zoulas wrote:
> | > Yes, I guess the best thing is to strip it with a linker script. It
> | > seems to be done on purpose:
> | 
> | How about deleting it with objcopy from the kernels?
> 
> That works too. I wonder though, why are we putting the note in the first
> place since nothing uses it... I guess we could add support for it to
> the dynamic linker (and might as well add relro support while we are at it)...

I'm strongly against that. The only reasons for every wanting an
executable stack are broken legacy signal stubs and the broken nested
functions implementation in GCC. I don't see either as a good reason for
compromising security.

Joerg


Home | Main Index | Thread Index | Old Index