Hi Alexander,

On Tue, Aug 25, 2009 at 04:52:06PM +0400, Solar Designer wrote:
> On Mon, Aug 24, 2009 at 07:04:01PM -0700, Kees Cook wrote:
> > It seems that john is built (in some situation) against assembly code that
> > lack stack markings[1].  This results in the entire program being built
> > with an executable stack.
> > 
> > The attached patch solve this by adding a default ASFLAGS option to turn
> > off executable stacks when assembling.
> Yes, I am aware of this issue - for some years now, in fact.  I did not
> fix it yet because I was worried that the proposed fixes would break
> portability to some older and/or non-Linux systems, and I did not have
> time to check (had more important stuff to do).  Well, I checked the
> .section approach as used by Gentoo on an 11 years old Linux system
> just recently - and it worked (in the sense that it did not break the
> compile).  So I think I will just use it with a proper #ifdef.

Ah, perfect.  Generally it's up in the air which is better (ifdef'ing each
.s file, or a version-sensitive ASFLAGS).  Thanks for looking into it!

> Meanwhile, it is up to you to choose any of these approaches for the
> Debian and Ubuntu packages.

Sure thing.  Since we've already got specific versions of compilers, I
think ASFLAGS is the smallest patch, so we'll probably keep that until we
pull the exec-stack-fixed version of john.  :)

> On a related note, I think that exec-shield lacks an enforcing mode
> (sysctl'able) where it would ignore those flags, because most binaries
> that it treats as potentially requiring executable stack actually don't.

Well, the memory-protection bits are mainline (not part of the exec-shield
patches), but yes, the ELF loader non-optionally sets the memory
protections based on GNU_STACK flags.


kees Cook                                            @debian.org

Pkg-john-devel mailing list

Reply via email to