blob: 3c6f6ba2480d2ec2a552b6d6465c86c71d3e225a (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
=head1 NAME
B<fix-gnustack> - Query or clear the ELF GNU_STACK executable flag
=head1 SYNOPSIS
B<fix-gnustack> scans the program headers of ELF binaries or shared
object libraries and reports if a GNU_STACK entry is marked both
writeable and executable. On PaX hardened kernels where memory
protection (MPROTECT) is enforced, execution of binaries with WX
GNU_STACKS, or binaries linking against libraries with WX GNU_STACKS,
is terminated by the kernel. When B<fix-gnustack> is called without
the B<-f> option, it simply reports the RWX (read/write/execute)
flags on any GNU_STACK found. When called with the B<-f> option,
it clears the X flag if both W and X are found.
=head1 OPTIONS
=over
=item B<-f>
Remove the X flag, i.e., "fix" the executable.
=back
=head1 HOMEPAGE
http://dev.gentoo.org/~blueness/elfix
=head1 REPORTING BUGS
Please report bugs at http://bugs.gentoo.org.
=head1 SEE ALSO
B<scanelf>(1), B<dumpelf>(1), B<paxctl>(1), B<paxctl-ng>(1), B<pspax>(1).
=head1 AUTHORS
B<Anthony G. Basile> <blueness@gentoo.org>
|