Part of the problem is libgcc:
$ readelf -a /lib/libgcc_s.so.1 | egrep LOAD
LOAD 0x00 0x 0x 0x12024 0x12024 R E 0x1
LOAD 0x012024 0x00022024 0x00022024 0x002d0 0x00664 RWE 0x1
Another part is that -msecure-plt is not the default:
$ echo 'int foo
I forgot to point out:
Once this is fixed, all powerpc packages need
to be rebuilt ASAP.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Package: gcc-4.1
Version: 4.1.1-5
Severity: important
The -msecure-plt and -mbss-plt options are ignored.
This contributes to insecurity on powerpc.
(checked via md5sum: not one bit of difference)
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [
Package: gcc-4.1
Version: 4.1.1-5
Severity: important
__trampoline_setup in /lib/libgcc_s.so.1 puts code on the stack.
This contributes to insecurity on powerpc.
A half-way fix is to mmap a page for this evil crud.
This still violates good practice, needing the OS to
allow either write+execute
Package: gcc-4.1
Version: 4.1.1-5
Severity: important
The note.GNU-stack and PT_GNU_STACK stuff apears
to be missing on PowerPC.
This contributes to insecurity on powerpc.
After this gets fixed, the whole damn system needs
to be rebuilt. I don't know where to request that.
--
To UNSUBSCRIBE,
5 matches
Mail list logo