FS#75601 - [binutils] Set --enable-default-execstack=no configure option
Attached to Project:
Arch Linux
Opened by Thibaut Sautereau (thithib) - Sunday, 14 August 2022, 13:17 GMT
Last edited by freswa (frederik) - Sunday, 14 August 2022, 15:46 GMT
Opened by Thibaut Sautereau (thithib) - Sunday, 14 August 2022, 13:17 GMT
Last edited by freswa (frederik) - Sunday, 14 August 2022, 15:46 GMT
|
Details
binutils 2.39 added new configure options for ld [1]. In
particular, --enable-default-execstack=no "will stop the
creation of an executable stack simply because an input file
is missing a .note.GNU-stack section, even on architectures
where this behaviour is the default".
Although the ELF linker now generates a warning message in such a case [1], you might want to set this option considering it would be even safer to finally get rid of this dangerous default behaviour that has a strong track record of producing undesired weakened binaries. In other words, an executable stack is such a hazard and an exception nowadays that it should always be explicitly requested when really needed, with `-z execstack`, and not happen by accident just because an object built from assembler source is missing the GNU-stack note due to an oversight. [1] https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=blob_plain;f=ld/NEWS;hb=refs/tags/binutils-2_39 |
This task depends upon
Closed by freswa (frederik)
Sunday, 14 August 2022, 15:46 GMT
Reason for closing: Implemented
Additional comments about closing: Committed revision 452708.
Sunday, 14 August 2022, 15:46 GMT
Reason for closing: Implemented
Additional comments about closing: Committed revision 452708.
Thanks for reporting!