[MPlayer-dev-eng] Mplayer: PT_GNU_STACK RWE
    Reimar Döffinger 
    Reimar.Doeffinger at stud.uni-karlsruhe.de
       
    Wed Feb 23 13:48:55 CET 2005
    
    
  
Hi,
I think there have been some misunderstandings, so let's start again *g*
1) gcc is supposed to find out by itself if an application needs executable
stack or not, right? Then how can I find out why it thinks MPlayer needs
it?
2) MPlayer should not need an executable stack or heap (if necessary
anonymous mmap should be used to fix that problem). If it does, it
should be considered a bug and we will try to fix it.
> The PT_GNU_STACK marking is changed (as far as I understand it, though
> I could be wrong), by:
> 	a) Changing the code, so gcc does not emit the execute flag, or
Unfortunately google is not very helpful to get more info on that...
> 	b) Adding the LD flag -z noexecstack, which forces noexec
I guess that would need at least another configure test, as there
certainly are ld versions that do not support that :-(
> >If applications don't work at all (without giving special permissions)
> >on SELinux I'd consider it a bug that this flag is not default.
> 
> You're misunderstanding. The applications would work, but they would
> require permissions we don't want to give them.
I do understand that. Just that what you consider working (by giving
special permissions) I consider not working.
> >At least 99% of all MPlayer code should run fine with a non-executable
> >stack. The most critical parts are binary codec support, but IMHO you
> >won't want that anyway in an environment that justifies using SELinux...
> 
> So, you're saying binary codec support requires the executable stack,
> therefore you can't get rid of it? If that's the case, then maybe 
> I should just give mplayer the appropriate permissions.
First, binary codec support is needed for very few files. Second, the
binary codec support does not need it in general afaik, but I do not
know and I have no control over what those binary codecs do and need.
Greetings,
Reimar Döffinger
    
    
More information about the MPlayer-dev-eng
mailing list