James Courtier-Dutton wrote: > scanelf is a tool one can use to find which programs have an executable > stack. For security reasons, and executable stack should be avoided if > at all possible. > > scanelf -Rqe /usr/lib/openoffice/* > > results in a lot of openoffice having an executable stack. > e.g. > RWX --- --- /usr/lib/openoffice/program/soffice.bin > > Can openoffice developers take some care so as to avoid this. > It makes exploits so much easier to do in openoffice, and making the > stack only RW- would result in openoffice being a lot more secure. > > Some guidelines on how to correct these problems can be found here: > http://www.gentoo.org/proj/en/hardened/gnu-stack.xml > > Kind Regards > > James >
Have I posted this to the wrong mailing list? Is there a security email address I should post this to instead? Kind Regards James --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
