James Courtier-Dutton wrote:
James Courtier-Dutton wrote:
scanelf is a tool one can use to find which programs have an executable
stack. For security reasons, and executable stack should be avoided if
at all possible.
scanelf -Rqe /usr/lib/openoffice/*
results in a lot of openoffice having an executable stack.
e.g.
RWX --- --- /usr/lib/openoffice/program/soffice.bin
Can openoffice developers take some care so as to avoid this.
It makes exploits so much easier to do in openoffice, and making the
stack only RW- would result in openoffice being a lot more secure.
Some guidelines on how to correct these problems can be found here:
http://www.gentoo.org/proj/en/hardened/gnu-stack.xml
Kind Regards
James
Have I posted this to the wrong mailing list?
Is there a security email address I should post this to instead?
Kind Regards
James
James,
I had only read your original post yesterday (as I had been on
vacation), and I vaguely remember that we already had some traffic
(issues, mailing lists?) on this topic before, but did not yet manage to
dig that out again. Please stay tuned. :)
-Stephan
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
