Fix issues with SELinux#483
Conversation
Also check for execstack in the configure script.
|
Why do we need executable stacks? That seems like a bad idea. Is it the main/bridges code that generates executable snippets of machine code? |
|
I am not sure about what module needs that particular feature. When running AOO 4.1.16 on systems with SELinux enabled, error messages appear and the audit logs contain entries like the following: Please see this thread on dev@. |
We need to disable, not enable executable stack! This reverts commit 14a569e.
|
I understood that I was trying to solve the wrong problem. This PR is supposed to be squashed and merged. |
| LDFLAGS:=-Wl,-R'$$$$ORIGIN:$$$$ORIGIN/../ure-link/lib' | ||
| .ENDIF # "$(OS)$(COM)"=="SOLARISC52" | ||
|
|
||
| .IF "$(OS)"=="LINUX" |
There was a problem hiding this comment.
Should we also test for OS="FREEBSD", or use GUI="UNX" instead?
There was a problem hiding this comment.
IIRC FreeBSD has GCC and Clang... does Clang accept -Wl,-z,noexecstack? Otherwise we need to differentiate
There was a problem hiding this comment.
Yes, Clang does accept it.
2 participants
Newer Linux distributions come with SELinux on by default.
Binaries produced by our "official" build VM do not take that into account.
This pull request is against the AOO41X branch because AOO42X and trunk are supposed to be built with more recent compilers, that do not need this additional invocation of
execstack.