-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It would be useful for exec-shield users to have libcrypto correctly
marked. Otherwise exec-shield is disabled for several important network
servers where it is most useful to have it working, including the
following: sshd, named, slurpd, cyrmaster, mysqld, sendmail, ntpd.

Some of these also depend on libgcrypt, so that library would also have
to be looked at.

FWIW, it appears that Fedora Core 4 compiles OpenSSL with
- -Wa,--noexecstack as can be seen from the following lines from
openssl.spec (from the openssl source RPM for FC4). This seems to
indicate that OpenSSL indeed does not require an executable stack.

- ------from openssl.spec:----------------------------------------------
# Add -Wa,--noexecstack here so that libcrypto's assembler modules will be
# marked as not requiring an executable stack.
RPM_OPT_FLAGS="$RPM_OPT_FLAGS -Wa,--noexecstack"
make depend
make all build-shared
- -----------------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDHvsmXjXn6TzcAQkRAlXXAJoDOJXom+7lm+wVIQ/53Q3K3A8WGwCfVdvU
ChczMNLkYb91dpGvrZXpCNY=
=knID
-----END PGP SIGNATURE-----


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to