I've noticed that as of some days ago, some packages I build on rawhide are now
triggering the "W: executable-stack" warning for all included executables and
shared libraries.
I'm not sure which change might be the cause of this, but meson 0.50.0 seems to
be a good candidate, since all my affected packages are built with meson and
the new version landed six days ago.
Is that new warning something we should worry about?
Yes. The warning means that an executable is not as secure as it could be
against malware.
The likely cause is some assembly-language source file that lacks a line such as
.section .note.GNU-stack,"",@progbits
which tells the assembler and static binder (/usr/bin/ld) that "the code in
this file
does not need an executable stack."
To identify the files that lack the line:
find src -name '*.S' | sort > files-S.txt
grep -l note.GNU-stack $(< files-S.txt) > files-non-W-stack.txt
comm -3 files-S.txt files-non-W-stack.txt
To remove the warning: append the line to the end of each file listed
in the output from 'comm'.
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
