diff options
| author | Oskari Rauta <oskari.rauta@gmail.com> | 2023-03-12 18:30:35 +0200 |
|---|---|---|
| committer | Tianling Shen <cnsztl@gmail.com> | 2023-03-15 12:12:19 +0800 |
| commit | 56f30520f2413f9f1434def5b533a265912aea1c (patch) | |
| tree | e607aad8df36de710e6bc73b13bae850cd7b1209 /net | |
| parent | 1e02e30622a43fa1d115240d1b7906bdc05d5955 (diff) | |
zerotier: do not allow executable stack
zerotier as default has executable stack.
[ 11.343143] process '/usr/bin/zerotier-one' started with executable stack
executable stacks are not recommend, possibly provide a threat and there
seems to be no advantage of executable stack with zerotier-one - so let's
build it without instead.
Stack is executable on x86_64, but not on all archs, such as ramips.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
Diffstat (limited to 'net')
| -rw-r--r-- | net/zerotier/Makefile | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/net/zerotier/Makefile b/net/zerotier/Makefile index 47e3f7a63..01ad05248 100644 --- a/net/zerotier/Makefile +++ b/net/zerotier/Makefile @@ -58,8 +58,8 @@ endif endef # Make binary smaller -TARGET_CFLAGS += -ffunction-sections -fdata-sections -TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed +TARGET_CFLAGS += -ffunction-sections -fdata-sections -Wl,-z,noexecstack +TARGET_LDFLAGS += -Wl,--gc-sections,--as-needed -Wl,-z,noexecstack define Package/zerotier/conffiles /etc/config/zerotier |