[patch] Adding stack markings to the x86 assembly for not using executable stack
mark at klomp.org
Wed Sep 2 04:29:24 PDT 2009
On Tue, 2009-09-01 at 13:29 -0700, Tom Rodriguez wrote:
> it wouldn't be a bad idea to request non-
> executable stacks though this brings up a question about how all this
> interacts with shared libraries. If you have an executable that
> disables execute and it dlopens a library that doesn't, what happens?
> Presumably the executables and libraries have to be in agreement for
> this to really work, right?
If anything (executable, shared library) needs executable stack ld.so
will mark the stack as executable. When you dlopen a shared library that
needs executable stack and the stack wasn't marked as executable yet
then the stack will be made executable.
Except of course when selinux is set to enforce disallowing marking the
stack executable (which is a good thing to have, it will quickly catch
mistakes like the above).
More information about the distro-pkg-dev