On Fri, Apr 9, 2021 at 3:46 PM Laurent Bercot <[email protected]> wrote: > > Oh! That's interesting
Interesting, and very nasty: "Fail open design Since this is the default, the only way to get a non-executable stack is if every object file input to the linker explicitly declares that it does not need an executable stack. To request a non-executable stack, an object file must contain the (empty) section .note.GNU-stack. If even a single object file fails to do this, then the final program gets an executable stack. Not only does one contaminated object file infect the binary, everything dynamically linked with it also gets an executable stack. Entire processes are infected! This occurs even via dlopen(), where the stack is dynamically made executable to accomodate the new shared object." Infectious Executable Stacks <https://nullprogram.com/blog/2019/11/15/>
