On Wed, Jun 24, 2020 at 07:51:48PM +0300, Dan Carpenter wrote: > In Debian testing the initrd triggers the warning. > > [ 34.529809] process '/usr/bin/fstype' started with executable stack
Where does fstype come from there? I am going to guess it is either busybox or linked against klibc? klibc has known problems with executable stacks due to its trampoline implementation: https://wiki.ubuntu.com/SecurityTeam/Roadmap/ExecutableStacks > > $ checksec --format=json --extended > --file=/var/tmp/mkinitramfs_eTyMPQ/bin/fstype | jq > { > "file": { > "relro": "no", > "canary": "no", > "nx": "no", > "pie": "no", > "clangcfi": "no", > "safestack": "no", > "rpath": "no", > "runpath": "no", > "symbols": "no", > "fortify_source": "no", > "fortified": "0", > "fortify-able": "0" > } > } Wow. _nothing_ implemented. :( -- Kees Cook
