mirror
/
openwrt-packages
mirror of https://git.openwrt.org/feed/packages.git
1
0
Fork 0
Code Releases Activity

zerotier: do not allow executable stack 

zerotier as default has executable stack.
[   11.343143] process '/usr/bin/zerotier-one' started with executable stack

executable stacks are not recommend, possibly provide a threat and there
seems to be no advantage of executable stack with zerotier-one - so let's
build it without instead.

Stack is executable on x86_64, but not on all archs, such as ramips.

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
This commit is contained in:
Oskari Rauta 2023-03-12 18:30:35 +02:00 committed by Tianling Shen
parent 1e02e30622
commit 56f30520f2
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
net/zerotier/Makefile
View File

@ -58,8 +58,8 @@ endif
endef
# Make binary smaller
TARGET_CFLAGS += -ffunction-sections -fdata-sections
TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed
TARGET_CFLAGS += -ffunction-sections -fdata-sections -Wl,-z,noexecstack
TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed -Wl,-z,noexecstack
define Package/zerotier/conffiles
/etc/config/zerotier