> Peter N. M. Hansteen:
>
> > >Description: Running post-6.0 amd64 snapshots, thunderbird segfaults at
> > >startup:
>
> That's a combination of three things:
>
> (1) The Mozilla code has W^X violations.
> (2) The ports for the various Mozilla programs fail to label the
> binaries with the wxneeded marker.
> (3) In snapshots, mmap() now returns an ENOTSUP error if (1) and (2),
> and the Mozilla code doesn't handle this.
(1) is outside our control
(2) is probably within ports group control
(3) is the direction we are trying to go. OpenBSD 6.0 only generates
a log message -- which creates awareness of problem (1) but gets
us nowhere near a solution.
If we want a future release of OpenBSD to have a split between W^X
allowed vs not-allowed binaries in /usr/local binaries, we need (2)
to happen to some degree.
And we need mmap() for non-permitted mappings to start returning
an actual error.
log messages will have little impact on improving W^X security.
