Hello James, you may want to post it on [EMAIL PROTECTED]
Thanks, Charles. James Courtier-Dutton a écrit : > James Courtier-Dutton wrote: > >> scanelf is a tool one can use to find which programs have an executable >> stack. For security reasons, and executable stack should be avoided if >> at all possible. >> >> scanelf -Rqe /usr/lib/openoffice/* >> >> results in a lot of openoffice having an executable stack. >> e.g. >> RWX --- --- /usr/lib/openoffice/program/soffice.bin >> >> Can openoffice developers take some care so as to avoid this. >> It makes exploits so much easier to do in openoffice, and making the >> stack only RW- would result in openoffice being a lot more secure. >> >> Some guidelines on how to correct these problems can be found here: >> http://www.gentoo.org/proj/en/hardened/gnu-stack.xml >> >> Kind Regards >> >> James >> >> > > Have I posted this to the wrong mailing list? > > Is there a security email address I should post this to instead? > > Kind Regards > > James > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]