Project

General

Profile

Actions
Copy link

Bug #10114

closed

assembly files need annotation to assert that stack should not be executable

Added by Dan Mick over 9 years ago. Updated over 9 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Dan Mick
Category:
common
Target version:
-
% Done:

100%

Source:
Development
Tags:
Backport:
Regression:
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Actions
Copy link
 #1

Updated by Dan Mick over 9 years ago

References:

https://bugzilla.redhat.com/show_bug.cgi?id=1118504 the original bug that noticed the problem on Fedora

http://www.akkadia.org/drepper/nonselsec.pdf a description of the Exec-Shield functionality that catches the problem; see Appendix A for mitigation

https://wiki.ubuntu.com/SecurityTeam/Roadmap/ExecutableStacks Ubuntu recommendations that lead me to try

section .note.GNU-stack noalloc noexec nowrite progbits

in all assembly files

Actions
Copy link
 #2

Updated by Dan Mick over 9 years ago

  • Category set to common
  • Status changed from New to Fix Under Review
  • Assignee set to Dan Mick
  • Source changed from other to Development

seeming workaround in wip-execstack

Actions
Copy link
 #3

Updated by Samuel Just over 9 years ago

Looks like it's merged, does this need to be backported?

Actions
Copy link
 #6

Updated by Loïc Dachary over 9 years ago

  • Status changed from Fix Under Review to Resolved
  • % Done changed from 0 to 100
Actions
Copy link

Also available in: Atom PDF