338243 – Please add a use flag to x11-libs/qt-script allowing JIT to be disabled on hardened systems

Bug 338243 - Please add a use flag to x11-libs/qt-script allowing JIT to be disabled on hardened systems

Summary: Please add a use flag to x11-libs/qt-script allowing JIT to be disabled on ha...

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	[OLD] Library (show other bugs)
Hardware:	All Linux

Importance:	High enhancement (vote)
Assignee:	Qt Bug Alias

URL:	http://pax.grsecurity.net/docs/mprote...
Whiteboard:
Keywords:

Depends on:	338245
Blocks:
	Show dependency tree

Reported:	2010-09-20 22:58 UTC by Dillon
Modified:	2010-11-19 03:26 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Patch using IUSE+jit and configure option to disable jit (qt-script-4.6.2-nojit.patch,1.55 KB, patch) 2010-09-20 22:58 UTC, Dillon	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Dillon 2010-09-20 22:58:13 UTC

+++ This bug was initially created as a clone of Bug #337736 +++

JIT requires executable stack pages, and any process performing JavaScript on
hardened kernels will require to run with PAX_MPROTECT disabled. This may allow
easier code execution exploits to work (without the need in pure ret2libc-style
stack preparations, that is harder). Apart from that the JIT itself can be
vulnerable.
-- p.labushev@gmail.com

Comment 1 Dillon 2010-09-20 22:58:49 UTC

Created attachment 248218 [details, diff]
Patch using IUSE+jit and configure option to disable jit

Comment 2 Tomás Touceda (RETIRED) gentoo-dev

2010-11-19 03:26:44 UTC

Committed. Once again, thanks Dillon for the patch :)