Ali Bahrami wrote: > Anyone who understands (1) and (2) is already in a position to include the > STACK directive into their mapfiles, and is probably already doing so > (as we do in ON, and I know you do in X11).
Yep; agreed. Those who bother with mapfiles are in a good position to set the right flags with minimal effort. Unfortunately, that's likely a distinct minority. Heck, I see few software vendors who even use -R correctly. Most rely on users or complicated scripts to set LD_LIBRARY_PATH, and are unlikely to indulge in exotica like mapfiles. > I think this stack protection issue is better solved as part of the > solution to > > 6239804 make it easier for ld(1) to do what's best > > which is something we've been thinking about independently of > mapfiles (and of course, something that is not part of this case). However, when that solution arrives, won't the implication be that non-executable stacks become the default way of doing things? The question then becomes: what are the steps along that path? If you're changing the mapfile version number, isn't this a good time to introduce at least some of the new behavior by making non-executable stacks the default? Why keep the bad old default? -- James Carlson 42.703N 71.076W <carlsonj at workingcode.com>
