[opensuse-security] Does /usr/lib64/libcrypto.so.0.9.8 really need an executable task in SLES11 SP1?
Dear all, I'm running several SLES11 SP1 servers on Grsecurity/PaX kernels. Lately I updated these servers and new /usr/lib64/libcrypto.so.0.9.8 libraries seem to need an executable stack which causes some problems with PaX. Earlier versions of this library in SLES11 SP1 didn't need an executable task! However, after simply issuing execstack -c /usr/lib64/libcrypto.so.0.9.8 , everything seems to work correctly even with PaX. Nothing seems to be broken so far! Isn't it possible that /usr/lib64/libcrypto.so.0.9.8 only mistakenly pretends that in need an executable stack, but it doesn't really need it? Thank you in advance, Tamás Németh IT sysadmin University of West Hungary -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
Németh Tamás wrote:
I'm running several SLES11 SP1 servers on Grsecurity/PaX kernels. Lately I updated these servers and new /usr/lib64/libcrypto.so.0.9.8 libraries seem to need an executable stack which causes some problems with PaX. Earlier versions of this library in SLES11 SP1 didn't need an executable task!
Indeed. You are right. Well spotted! I've filed bug 755395 to request disabling of executable stack again. Thanks for the report! cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.de/ SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg) -- To unsubscribe, e-mail: opensuse-security+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-security+owner@opensuse.org
participants (2)
-
Ludwig Nussel -
Németh Tamás