Bug#291631: cmp/diff/etc. lack PT_GNU_STACK header
On Sat, Jan 22, 2005 at 02:51:23PM +0100, Santiago Vila wrote:
> On Fri, 21 Jan 2005, Greg Norris wrote:
>
> > Package: diff
> > Version: 2.8.1-9
> > Severity: minor
> >
> > The binaries appear to have been built without the PT_GNU_STACK header,
> > which makes the 2.6.10 kernel enable read-implies-exec behaviour. This
> > in turn causes problems under SELinux, because executable stacks are not
> > typically allowed for legacy binaries.
> >
> > $ execstack -q `which cmp diff`
> > ? /usr/bin/cmp
> > ? /usr/bin/diff
> >
> > It appears that rebuilding with a current toolchain is all that's
> > required to work around this issue. I didn't have to do anything
> > special under sid (i386), at least.
> >
> > $ gcc --version | head -1
> > gcc (GCC) 3.3.5 (Debian 1:3.3.5-6)
> > $ execstack -q `which cmp diff`
> > - /usr/bin/cmp
> > - /usr/bin/diff
> >
> >
> > I've set the severity to minor, since SELinux isn't currently integrated
> > into Debian proper. Please let me know if you need any additional
> > information.
>
> I closed this bug because there must be literally hundreds of packages
> like this and I consider it premature to submit bugs for all of them.

I made a statistic on my machine:
1341 are '-' and 76 are '?' so less than 1% has the problem.
More importantly, these are all binaries that have been built a long
time ago, with the exception of diffutils and rcs binaries.
Since diffutils was uploaded on 19/01/2005 I see no explanation why
it has the problem unless the maintainer built it on top of woody.
(The gcc change is dated Sun, 9 Nov 2003).

> However, it could be that the lintian maintainer might be willing to add
> a check for this, so I'm reassigning this to lintian as a wishlist.

Why not just rebuild diffutils on top of current sid and close this
bug? This has always been the recommended practice.

Cheers,
--
Bill. <ballombe@debian.org>
Imagine a large red swirl here.
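
The check behind the `execstack -q` output quoted in this thread, as an added example that is not part of the messages above nor code from execstack or lintian: it walks an ELF file's program headers and returns `-` when PT_GNU_STACK is present without the execute flag, `X` when it is present with it, and `?` when the header is missing. The helper `make_elf32` and its sample images are constructed here for illustration.

```python
import struct

PT_GNU_STACK = 0x6474E551  # program header type the reported binaries lack
PF_X = 0x1                 # "execute" permission bit in p_flags

def stack_status(elf: bytes) -> str:
    """Return '-', 'X' or '?' for an ELF image, using execstack -q's markers."""
    if len(elf) < 0x34 or elf[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    is64 = elf[4] == 2                      # EI_CLASS: 1 = ELF32, 2 = ELF64
    end = "<" if elf[5] == 1 else ">"       # EI_DATA: 1 = little-endian
    if is64:
        e_phoff, = struct.unpack_from(end + "Q", elf, 0x20)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", elf, 0x36)
        flags_off = 4                       # p_flags follows p_type in ELF64
    else:
        e_phoff, = struct.unpack_from(end + "I", elf, 0x1C)
        e_phentsize, e_phnum = struct.unpack_from(end + "HH", elf, 0x2A)
        flags_off = 24                      # p_flags is the 7th word in ELF32
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        if off + flags_off + 4 > len(elf):
            raise ValueError("truncated program header table")
        p_type, = struct.unpack_from(end + "I", elf, off)
        if p_type == PT_GNU_STACK:
            p_flags, = struct.unpack_from(end + "I", elf, off + flags_off)
            return "X" if p_flags & PF_X else "-"
    return "?"  # header absent: the case reported to trigger read-implies-exec

def make_elf32(phdrs):
    """Constructed sample: minimal little-endian ELF32 header plus (p_type, p_flags) entries."""
    ehdr = struct.pack("<16sHHIIIIIHHHHHH", b"\x7fELF\x01\x01\x01", 2, 3, 1,
                       0, 52, 0, 0, 52, 32, len(phdrs), 0, 0, 0)
    body = b"".join(struct.pack("<8I", t, 0, 0, 0, 0, 0, f, 0) for t, f in phdrs)
    return ehdr + body

if __name__ == "__main__":
    old_build = make_elf32([(1, 5)])                     # PT_LOAD only
    rebuilt = make_elf32([(1, 5), (PT_GNU_STACK, 6)])    # stack marked RW
    print(stack_status(old_build), "old toolchain build (constructed)")
    print(stack_status(rebuilt), "rebuilt binary (constructed)")
```
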