https://sourceware.org/bugzilla/show_bug.cgi?id=29072
Nick Clifton <nickc at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution|--- |FIXED
--- Comment #16 from Nick Clifton <nickc at redhat dot com> ---
(In reply to H.J. Lu from comment #15)
> Is the goal to remove nested functions?
No - the goal is to improve the security of programs by letting their builders
know that they have a vulnerability. They *may* chose to address the
vulnerability by removing nested functions from their code - if that was the
cause - but they may also decide that the vulnerability is acceptable and
instead add --no-warn-execstack to the linker command line. Or just ignore the
warning.
The point of the warning is that it gives program builders a prompt to decide
what is best for them. By informing them of the potential security
vulnerability - something that they may not have realised was happening to
their program - they then have a reason to perform a security review of their
code, and can decide what to do.
As for builders who are unaware of the risks of executable stacks and the
dangers of nested functions - and hence will be confused by this new warning -
I intend to write a blog about the problem and its possible solutions. It is
my hope that a web search will turn up this blog, and so they will be able to
find some advice on what to do.
--
You are receiving this mail because:
You are on the CC list for the bug.
