>> The reliance on W^X violating behavior is something I would like >> to see >> removed, > > That behaviour does not exist. The binary blobs aren't created as > part of the normal build process, and even if they were, the code > writes the bytecodes to disk, it does not directly execute them. Actually what they are refering to is that dyncall and libffi both require an executable stack. We can't get around that without making changes to libffi and dyncall, sadly.
- Re: Verifiable Releases/The Build System ... Steve Mynott
- Re: Verifiable Releases/The Build System ... zoffix
- Re: Verifiable Releases/The Build Sy... R0b0t1
- Re: Verifiable Releases/The Buil... Joachim Durchholz
- Re: Verifiable Releases/The Buil... Steve Mynott
- Re: Verifiable Releases/The ... Aleks-Daniel Jakimenko-Aleksejev
- Re: Verifiable Releases/... R0b0t1
- Re: Verifiable Rele... R0b0t1
- Re: Verifiable ... Steve Mynott
- Re: Verifiable Rele... Joachim Durchholz
- Re: Verifiable ... Timo Paulssen
- Re: Verifiable ... Joachim Durchholz
- Re: Verifiable ... Mark Montague
- Re: Verifiable ... Timo Paulssen
- Re: Verifiable ... Mark Montague
- MoarVM and deny... Timo Paulssen
- Re: Verifiable ... R0b0t1
- Re: Verifiable ... Joachim Durchholz
- Re: Verifiable Releases/The ... Timo Paulssen
- Re: Verifiable Releases/... Steve Mynott
- Re: Verifiable Releases/... Steve Mynott