Bug#291631: cmp/diff/etc. lack PT_GNU_STACK header
On Sun, Jan 23, 2005 at 10:29:12PM +0100, Jeroen van Wolffelaar wrote:
> Greg: Ease of adding, and potentional negative benefits would be very
> nice to have, and if it's going to be in policy, for lintian a way to
> check for it.
Purpose:
PT_GNU_STACK is used to mark binaries which require an executable stack.
This allows security systems, such as SELinux of grsecurity, to enable
same only when required.
Ease of adding:
Recent versions of gcc (3.3.x) add PT_GNU_STACK by default, so pretty
much anything compiled under sarge or later will pick it up
automatically. It can be disabled by either the compiler or linker if
necessary.
Negative effects:
None that I'm aware of, at least with gcc 3.3.5. I understand that
earlier versions (dunno which ones, specifically) were sometimes too
optimistic when determining whether or not an executable stack was
required.
I'm not sure how lintian might go about checking for this... I can only
say that `execstack -q' and `objdump -p' will both show this
information. I'll do some looking, and see if I can find anything more
concrete.
Reply to: