Displaying 5 results from an estimated 5 matches for "executablestacks".
Did you mean:
executable_stack
2020 Jun 25
5
process '/usr/bin/rsync' started with executable stack
...>
> > Where does fstype come from there? I am going to guess it is either
> > busybox or linked against klibc?
> >
> > klibc has known problems with executable stacks due to its trampoline
> > implementation:
> > https://wiki.ubuntu.com/SecurityTeam/Roadmap/ExecutableStacks
>
> Yeah. It comes from klibc-utils.
This is exactly what I was worried about back in Feb:
https://lore.kernel.org/lkml/202002251341.48BC06E at keescook/
This warning, combined with klibc-based initrds, makes the whole thing
pointless because it will always warn once on boot for the klibc...
2020 Feb 06
4
Latest kernel reports "process '/bin/sh' started with executable stack"
With latest kernel (Linus tree as of 5.6 merge window), I get the
following warning in the kernel 'dmesg':
[ 5.746588] process '/bin/sh' started with executable stack
This comes from commit
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/fs/exec.c?id=47a2ebb7f5053387f5753b524f4920b9b829f922
"execve: warn if process starts with executable
2020 Feb 28
1
Latest kernel reports "process '/bin/sh' started with executable stack"
...unexpected. And it is the case for all
> > klibc tools.
> >
> > How can we fix that ?
>
> klibc uses trampolines for its setjmp implementation. I ran into this
> years ago when eradicating executable stacks from Ubuntu:
> https://wiki.ubuntu.com/SecurityTeam/Roadmap/ExecutableStacks
I've looked at all the setjmp() implementations and didn't spot any use
of trampolines.
Ben.
--
Ben Hutchings
If more than one person is responsible for a bug, no one is at fault.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: a...
2020 Feb 25
0
Latest kernel reports "process '/bin/sh' started with executable stack"
...Indeed, the stack is rwx, which is unexpected. And it is the case for all
> klibc tools.
>
> How can we fix that ?
klibc uses trampolines for its setjmp implementation. I ran into this
years ago when eradicating executable stacks from Ubuntu:
https://wiki.ubuntu.com/SecurityTeam/Roadmap/ExecutableStacks
--
Kees Cook
2020 Jul 25
0
process '/usr/bin/rsync' started with executable stack
...es fstype come from there? I am going to guess it is either
> > > busybox or linked against klibc?
> > >
> > > klibc has known problems with executable stacks due to its trampoline
> > > implementation:
> > > https://wiki.ubuntu.com/SecurityTeam/Roadmap/ExecutableStacks
> >
> > Yeah. It comes from klibc-utils.
>
> This is exactly what I was worried about back in Feb:
> https://lore.kernel.org/lkml/202002251341.48BC06E at keescook/
>
> This warning, combined with klibc-based initrds, makes the whole thing
> pointless because it wil...