ExecutableStacks

Differences between revisions 4 and 9 (spanning 5 versions)

There are still some programs that have executable stack regions.

open bugs in LP
check an ELF binary: "readelf -lW $BIN | grep GNU_STACK" shows with "E" flag.
Gentoo write-up of what to do: http://www.gentoo.org/proj/en/hardened/gnu-stack.xml

Main/Restricted Packages

Originally generated from the ELF files with executable stacks in Karmic main.

Uses Nested Functions which compiler generates as trampolines on the stack.

SecurityTeam/Roadmap/ExecutableStacks (last edited 2017-08-22 14:25:31 by jdstrand)

-  ⇤ ← Revision 4 as of 2009-08-03 15:36:42 → 
  Size: 1813
  Editor: 89
  Comment:
+   ← Revision 9 as of 2009-08-03 17:00:50 → ⇥
  Size: 1911
  Editor: 89
  Comment:
-Deletions are marked like this.
+Additions are marked like this.
 Line 3:
-  * check an ELF binary: "readelf -l $BIN | grep GNU_STACK" shows with "E" flag.
+  * check an ELF binary: "readelf -lW $BIN | grep GNU_STACK" shows with "E" flag.
 Line 9:
+== Fixed ==
 * zip
 * bogl
-Line 11:
+Line 15:
- * bogl [[http://cvs.fedoraproject.org/viewvc//devel/bogl/bogl-0.1.18-noexecstack.patch?view=markup|patch]]
-Line 13:
+Line 16:
- * grub2
+ * grub2 [[http://savannah.gnu.org/bugs/?25220|upstream bug]]

== Stack Trampolines ==
 * klibc (setjmp implementation)
 * kexec-tools (statically linked against klibc)

== Shipped Precompiled Binary ==
 * fglrx-installer
 * nvidia-graphics-drivers-173
 * nvidia-graphics-drivers-180
 * nvidia-graphics-drivers-71
 * nvidia-graphics-drivers-96
-Line 16:
+Line 30:
- * fglrx-installer
-Line 19:
+Line 32:
- * kexec-tools
 * klibc
-Line 25:
+Line 36:
- * nvidia-graphics-drivers-173
 * nvidia-graphics-drivers-180
 * nvidia-graphics-drivers-71
 * nvidia-graphics-drivers-96