On Sat, Jan 22, 2005 at 02:51:23PM +0100, Santiago Vila wrote: > On Fri, 21 Jan 2005, Greg Norris wrote: > > > Package: diff > > Version: 2.8.1-9 > > Severity: minor > > > > The binaries appear to have been built without the PT_GNU_STACK header, > > which makes the 2.6.10 kernel enable read-implies-exec behaviour. This > > in turn causes problems under SELinux, because executable stacks are not > > typically allowed for legacy binaries. > > > > $ execstack -q `which cmp diff` > > ? /usr/bin/cmp > > ? /usr/bin/diff > > > > It appears that rebuilding with a current toolchain is all that's > > required to work around this issue. I didn't have to do anything > > special under sid (i386), at least. > > > > $ gcc --version | head -1 > > gcc (GCC) 3.3.5 (Debian 1:3.3.5-6) > > $ execstack -q `which cmp diff` > > - /usr/bin/cmp > > - /usr/bin/diff > > > > > > I've set the severity to minor, since SELinux isn't currently integrated > > into Debian proper. Please let me know if you need any additional > > information. > > I closed this bug because there must be literally hundreds of packages > like this and I consider premature to submit bugs for all of them.
I made a statistic on my machine: 1341 are '-' and 76 are '?' so less than 1% has the problem. More importantly, there are all binaries that have been build a long time ago, with the exception of diffutils and rcs binaries. Since diffutils was uploaded the 19/01/2005 I see no explanation why it has the problem unless the maintainer built it on top of woody. (The gcc changes is dated Sun, 9 Nov 2003). > However, it could be that the lintian maintainer might be willing to add > a check for this, so I'm reassigning this to lintian as a wishlist. Why not just rebuild diffutils on top of current sid and closing this bug ? This has always been the recommended practice. Cheers, -- Bill. <[EMAIL PROTECTED]> Imagine a large red swirl here. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
