execstack(8) System Manager's Manual execstack(8)NAME
execstack - tool to set, clear, or query executable stack flag of ELF binaries and shared libraries
SYNOPSIS
execstack [OPTION...] [FILES]
DESCRIPTION
execstack is a program which sets, clears, or queries executable stack flag of ELF binaries and shared libraries. Linux has in the past
allowed execution of instructions on the stack and there are lots of binaries and shared libraries assuming this behaviour. Furthermore,
GCC trampoline code for e.g. nested functions requires executable stack on many architectures. To avoid breaking binaries and shared
libraries which need executable stack, ELF binaries and shared libraries now can be marked as requiring executable stack or not requiring
it. This marking is done through the p_flags field in the PT_GNU_STACK program header entry. If the marking is missing, kernel or dynamic
linker need to assume it might need executable stack. The marking is done automatically by recent GCC versions (objects using trampolines
on the stack are marked as requiring executable stack, all other newly built objects are marked as not requiring it) and linker collects
these markings into marking of the whole binary or shared library. The user can override this at assembly time (through --execstack or
--noexecstack assembler options), at link time (through -z execstack or -z noexecstack linker options) and using the execstack tool also on
an already linker binary or shared library. This tool is especially useful for third party shared libraries where it is known that they
don't need executable stack or testing proves it.
OPTIONS -s --set-execstack
Mark binary or shared library as requiring executable stack.
-c --clear-execstack
Mark binary or shared library as not requiring executable stack.
-q --query
Query executable stack marking of binaries and shared libraries. For each file it prints either - when executable stack is not
required, X when executable stack is required or ? when it is unknown whether the object requires or doesn't require executable
stack (the marking is missing).
-V Print execstack version and exit.
-? --help
Print help message.
--usage
Print a short usage message.
ARGUMENTS
Command line arguments should be names of ELF binaries and shared libraries which should be modified or queried.
EXAMPLES
# execstack -s ~/lib/libfoo.so.1
will mark ~/lib/libfoo.so.1 as requiring executable stack.
# execstack -c ~/bin/bar
will mark ~/bin/bar as not requiring executable stack.
# execstack -q ~/lib/libfoo.so.1 ~/bin/bar
will query executable stack marking of the given files.
SEE ALSO ld.so(8).
BUGS
execstack doesn't support yet marking of executables if they do not have PT_GNU_STACK program header entry nor they have room for program
segment header table growth.
AUTHORS
Jakub Jelinek <jakub@redhat.com>.
28 October 2003 execstack(8)
Check Out this Related Man Page
ld.so(8) System Manager's Manual ld.so(8)NAME
ld.so, ld-linux.so* - dynamic linker/loader
DESCRIPTION
ld.so loads the shared libraries needed by a program, prepares the program to run, and then runs it. Unless explicitly specified via the
-static option to ld during compilation, all Linux programs are incomplete and require further linking at run time.
The necessary shared libraries needed by the program are searched for in the following order
o Using the DT_RPATH dynamic section attribute of the binary if present and DT_RUNPATH attribute does not exist.
o Using the environment variable LD_LIBRARY_PATH . Except if the executable is a setuid/setgid binary, in which case it is ignored.
o Using the DT_RUNPATH dynamic section attribute of the binary if present.
o From the cache file /etc/ld.so.cache which contains a compiled list of candidate libraries previously found in the augmented library
path. If, however, the binary was linked with -z nodeflib linker option, libraries in the default library paths are skipped.
o In the default path /lib, and then /usr/lib. If the binary was linked with -z nodeflib linker option, this step is skipped.
SYNOPSIS
The dynamic linker can be run either indirectly through running some dynamically linked program or library (in which case no command line
options to the dynamic linker can be passed and the dynamic linker which is stored in the .interp section of the program is executed) or
directly by running:
/lib/ld-linux.so.* [OPTIONS] [PROGRAM [ARGUMENTS]]
COMMAND LINE OPTIONS --list List all dependencies and how they are resolved.
--verify
Verify that program is dynamically linked and this dynamic linker can handle it.
--library-path PATH
Override LD_LIBRARY_PATH environment variable setting (see below).
--ignore-rpath LIST
Ignore RPATH and RUNPATH information in object names in LIST.
ENVIRONMENT
LD_LIBRARY_PATH
A colon-separated list of directories in which to search for ELF libraries at execution-time. Similar to the PATH environment vari-
able.
LD_PRELOAD
A whitespace-separated list of additional, user-specified, ELF shared libraries to be loaded before all others. This can be used to
selectively override functions in other shared libraries. For setuid/setgid ELF binaries, only libraries in the standard search
directories that are also setuid will be loaded.
LD_TRACE_LOADED_OBJECTS
If set to non-empty string, causes the program to list its dynamic library dependencies, as if run by ldd, instead of running nor-
mally.
LD_BIND_NOW
If set to non-empty string, causes the dynamic linker to resolve all symbols at program startup instead of deferring function call
resolval to the point when they are first referenced.
LD_WARN
If set to non-empty string, warn about unresolved symbols.
LD_DEBUG
Output verbose debugging information about the dynamic linker. If set to all prints all debugging information it has, if set to
help prints a help message about which categories can be specified in this environment variable.
LD_DEBUG_OUTPUT
File where LD_DEBUG output should be fed into, default is standard output. LD_DEBUG_OUTPUT is ignored for setuid/setgid binaries.
LD_VERBOSE
If set to non-empty string, output symbol versioning information about the program if querying information about the program (ie.
either LD_TRACE_LOADED_OBJECTS has been set, or --list or --verify options have been given to the dynamic linker).
FILES
/lib/ld-linux.so.* ELF dynamic linker/loader
/etc/ld.so.cache
File containing a compiled list of directories in which to search for libraries and an ordered list of candidate libraries.
/etc/ld.so.preload
File containing a whitespace separated list of ELF shared libraries to be loaded before the program. libraries and an ordered list
of candidate libraries.
lib*.so*
shared libraries
SEE ALSO ldd(1), ldconfig(8).
AUTHORS
Roland McGrath, Ulrich Drepper and others. This man page is derived from libc 5 ld.so manual page.
30 October 2000 ld.so(8)