Hello, I got the following security vulnerability report from an Ubuntu developer, On Thu, Mar 11, 2010 at 09:02:43PM -0000, Kees Cook wrote: > *** This bug is a security vulnerability *** > > Public security bug reported: > > execstack -q /usr/sbin/slmodemd > X /usr/sbin/slmodemd > > This is potentially dangerous, and should be addressed. Please see: > https://wiki.ubuntu.com/SecurityTeam/Roadmap/ExecutableStacks > for details. ---end quoted text--- He mentioned in a following email that issue is caused by dsplibs.o, anyways, according to the wiki page mentioned above, this can be solved by running the following after building slmodemd: execstack -c slmodemd I can do this in the Debian/Ubuntu package, but I need to make sure that it won't break the usability of sl-modem, can Antonio or others test the following: 1) Run: execstack -c /usr/sbin/slmodemd (I assume that slmodemd is installed in /usr/sbin on your systems) 2) Try using the modem (internet, faxing,...) with the modified slmodemd, please try two cases: a) with ALSA driver b) with slamr driver I might be able to get my hands on a machine that has a smartlink modem (but using ALSA driver) today, in that case I'll try testing case (a). -- أحمد المحمودي (Ahmed El-Mahmoudy) Digital design engineer GPG KeyID: 0xEDDDA1B7 GPG Fingerprint: 8206 A196 2084 7E6D 0DF8 B176 BC19 6A94 EDDD A1B7
