grsecurity forums

Skip to content

installing rpm's on redhat box denied.

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.
Topic locked

Postby PaX Team » Fri Apr 16, 2004 5:02 pm

superbock wrote:I did not re-check readelf's output. But i did see the the compilations output and i'm sure -z noexecstack was used. Is it still possible that this could not help at all?
well, it's weird, the -z switch is supposed to override the automatic detection in ld, so you should have gotten a RW STACK header, not an RWE one.
Can i consider the use of execstack as a clean workaround for this?
yes, it achieves the same as it changes the PT_GNU_STACK header directly.
PaX Team
 
Posts: 2310
Joined: Mon Mar 18, 2002 4:35 pm
Top

Postby superbock » Fri Apr 16, 2004 6:09 pm

I just altered the Makefiles on the source RPMS's, repackaged and rebuilt.
I double checked those changes on the makefiles (seem correct) and re-installed the binaries. Still RWE.

Anyway, this execstack thing sure was handy! And i took a closer at look at it's man page now and it says exactly what you mention, it's an alternative to the link option.

Well, tks for your help! Got some ACL redesigning to do now :)
superbock
 
Posts: 37
Joined: Sun Mar 31, 2002 6:34 pm
Top
Previous
Topic locked

Return to grsecurity support

Powered by phpBB® Forum Software © phpBB Group
cron