swarm-support
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: gcc puts executable code on the stack frame

From: Nick Collier
Subject: Re: gcc puts executable code on the stack frame
Date: Tue, 25 May 1999 10:52:11 -0600 
In a strange coincidence I just received the following from my sysadmin
which seems to speak to your problem.

"A libc vulnerability on Sparc Solaris 2.6/7 systems for which there is
currently no patch can be closed somewhat by adding

set noexec_user_stack = 1
set noexec_user_stack_log = 1

to /etc/system."

Nick

At 03:12 PM 5/25/99 +0100, Gary Polhill wrote:
>
>A colleague of mine has installed Swarm on a Sun workstation, and
>compiled heatbugs, but found he got segmentation faults when he ran it.
>He asked his systems administrator about this and was told that the
>Suns in his department have disabled execution of code on the stack,
>because this is a security hazard. gcc apparently does put executable
>code on the stack through the use of "trampolenes". 
>
>I have very little idea what any of this means, but I think answers to
>the following questions would help:
>
>Does anyone know if compiling using egcs instead of gcc would avoid
>this problem?
>
>Is the problem due to Swarm in any way?
>
>What is the security risk associated with putting executable code on the
>stack? (I.e. what sort of attacks might we be exposing ourselves to by
>running programs compiled with gcc?)
>
>Is this an obj-C related problem, or does it apply to gcc in general?
>
>Other than things people jump up and down on for fun, what the hell
>are trampolenes?
>
>I'm aware that this question is probably better asked of a different
>group altogether. Apologies for this, but the problem arose through the
>use of Swarm rather than other programs compiled with gcc. Indeed, I have
>successfully compiled and run Swarm 1.0.3 and various applications
>associated with it on the same machine. (Though this was before it was
>upgraded from Solaris 2.6 to 7.)
>
>Thanks in advance for any responses.
>
>Gary
>
>-- 
>
>Macaulay Land Use Research Institute, Craigiebuckler, Aberdeen. AB15 8QH
>Tel: +44 (0) 1224 318611               Email: address@hidden
>
>                  ==================================
>   Swarm-Support is for discussion of the technical details of the day
>   to day usage of Swarm.  For list administration needs (esp.
>   [un]subscribing), please send a message to <address@hidden>
>   with "help" in the body of the message.
> 

Nick Collier
address@hidden
Database Developer
Social Science Research Computing
University of Chicago
Chicago, IL 60637

                  ==================================
   Swarm-Support is for discussion of the technical details of the day
   to day usage of Swarm.  For list administration needs (esp.
   [un]subscribing), please send a message to <address@hidden>
   with "help" in the body of the message.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]