James Carlson wrote:
> Ali Bahrami wrote:
>> Anyone who understands (1) and (2) is already in a position to include the
>> STACK directive into their mapfiles, and is probably already doing so
>> (as we do in ON, and I know you do in X11).
>
> Yep; agreed. Those who bother with mapfiles are in a good position to
> set the right flags with minimal effort.
>
> Unfortunately, that's likely a distinct minority. Heck, I see few
> software vendors who even use -R correctly. Most rely on users or
> complicated scripts to set LD_LIBRARY_PATH, and are unlikely to indulge
> in exotica like mapfiles.
>
>> I think this stack protection issue is better solved as part of the
>> solution to
>>
>> 6239804 make it easier for ld(1) to do what's best
>>
>> which is something we've been thinking about independently of
>> mapfiles (and of course, something that is not part of this case).
>
> However, when that solution arrives, won't the implication be that
> non-executable stacks become the default way of doing things?
>
> The question then becomes: what are the steps along that path? If
> you're changing the mapfile version number, isn't this a good time to
> introduce at least some of the new behavior by making non-executable
> stacks the default? Why keep the bad old default?
>
I'm not opposed to changing the bad old default (indeed, would
welcome it), but doing it based on the mapfile version seems like
the wrong solution to me. My concerns are:
- Basic UI: Magic defaults that change due to unrelated things
are confusing to use, and to document.
I can easily imagine someone changing to the V2 syntax without
realizing that they've also changed their stack protections.
- It won't affect many objects: As you say, those who use mapfiles
are in a distinct minority, and as v2 mapfiles are something
you have to opt into, those who use them will be a distinct
minority of a distinct minority. In fact, it probably won't
reach anyone we're not already reaching with explicit mapfile
directives today.
- You can have more than one mapfile on an ld command line, and
they are each allowed to be either version 1 or 2 independently
of the others. Which should win?
Consider the example in which you have not converted your
mapfiles, or maybe don't even have one, but are also using
one of the standard ones we provide in /usr/lib/ld, which
will certainly move to V2 once the ld support is in place.
Should your stack defaults change because you used a system
provided mapfile?
I think it would be confusing, and won't make a significant
difference. Executable stacks are bad, but the solution to that
needs to be orthogonal to mapfile syntax.
> However, when that solution arrives, won't the implication be that
> non-executable stacks become the default way of doing things?
No, because it would be an option that the user has to select, and
not a default.
- Ali
