freebsd,linux,sunos: make stack non-executable

Link with -z,noexecstack to make stack memory non-executable.  Makes
shellcode injection through buffer overflows more difficult.

Fixes: https://github.com/joyent/node/issues/7542
PR-URL: https://github.com/node-forward/node/pull/8
Reviewed-By: Trevor Norris <trevnorris@gmail.com>

diff --git a/node.gyp b/node.gyp
index daf06c7..2f5cf0e 100644 (file)
--- a/node.gyp
+++ b/node.gyp
@@ -365,6 +365,12 @@
             'PLATFORM="sunos"',
           ],
         }],
+        [ 'OS=="freebsd" or OS=="linux"', {
+          'ldflags': [ '-Wl,-z,noexecstack' ],
+        }],
+        [ 'OS=="sunos"', {
+          'ldflags': [ '-Wl,-M,/usr/lib/ld/map.noexstk' ],
+        }],
         [
           'OS in "linux freebsd" and node_shared_v8=="false"', {
             'ldflags': [