zerotier: do not allow executable stack
zerotier as default has executable stack.
[ 11.343143] process '/usr/bin/zerotier-one' started with executable stack
executable stacks are not recommend, possibly provide a threat and there
seems to be no advantage of executable stack with zerotier-one - so let's
build it without instead.
Stack is executable on x86_64, but not on all archs, such as ramips.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit 56f30520f2
)
This commit is contained in:
parent
3e09917f36
commit
4d498fa65b
|
@ -58,8 +58,8 @@ endif
|
|||
endef
|
||||
|
||||
# Make binary smaller
|
||||
TARGET_CFLAGS += -ffunction-sections -fdata-sections
|
||||
TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed
|
||||
TARGET_CFLAGS += -ffunction-sections -fdata-sections -Wl,-z,noexecstack
|
||||
TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed -Wl,-z,noexecstack
|
||||
|
||||
define Package/zerotier/conffiles
|
||||
/etc/config/zerotier
|
||||
|
|
Loading…
Reference in New Issue