Re: Trouble with new GNU_STACK segment

To: tech-toolchain%netbsd.org@localhost
Subject: Re: Trouble with new GNU_STACK segment
From: Joerg Sonnenberger <joerg%britannica.bec.de@localhost>
Date: Sat, 7 Nov 2015 21:50:06 +0100

On Sat, Nov 07, 2015 at 03:20:00PM -0500, Christos Zoulas wrote:
> On Nov 7,  8:17pm, martin%duskware.de@localhost (Martin Husemann) wrote:
> -- Subject: Re: Trouble with new GNU_STACK segment
> 
> | On Sat, Nov 07, 2015 at 06:54:19PM +0000, Christos Zoulas wrote:
> | > Yes, I guess the best thing is to strip it with a linker script. It
> | > seems to be done on purpose:
> | 
> | How about deleting it with objcopy from the kernels?
> 
> That works too. I wonder though, why are we putting the note in the first
> place since nothing uses it... I guess we could add support for it to
> the dynamic linker (and might as well add relro support while we are at it)...

I'm strongly against that. The only reasons for every wanting an
executable stack are broken legacy signal stubs and the broken nested
functions implementation in GCC. I don't see either as a good reason for
compromising security.

Joerg

References:
- Re: Trouble with new GNU_STACK segment
  - From: Martin Husemann
- Re: Trouble with new GNU_STACK segment
  - From: Christos Zoulas

Prev by Date: Re: Trouble with new GNU_STACK segment
Next by Date: Re: Trouble with new GNU_STACK segment
Previous by Thread: Re: Trouble with new GNU_STACK segment
Next by Thread: Re: Trouble with new GNU_STACK segment
Indexes:

Home | Main Index | Thread Index | Old Index