Red Hat Bugzilla – Bug 154076
gpg is marked PT_GNU_STACK RWE
Last modified: 2007-11-30 17:11:03 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050328 Firefox/1.0.2 Fedora/1.0.2-3
Description of problem:
Please configure w/ --enable-noexecstack.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
Status of this bug?
Without this flag, gpg is marked PT_GNU_STACK RWE,
which causes it to not work in strict policy SELinux,
if checkprotreq=0, and allow_gpg_execstack is false.
In other words, security would be improved if gpg was not
marked PT_GNU_STACK RWE, which can be accomplished by compiling
it with the option suggested - it was specifically modified upstream
for that purpose (gnupg bug 433).