From c9e57b37881d1b7dea4b4a2e2214b88a88c08b51 Mon Sep 17 00:00:00 2001
From: Joe Groocock <me@frebib.net>
Date: Sat, 27 Apr 2019 11:12:12 +0100
Subject: [PATCH] Disable executable stack in shared libs. Should hopefully fix
 #11

---
 Dockerfile | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index 0fcc467..6ec4ab9 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -143,6 +143,10 @@ RUN curl -fsSL http://ftp.de.debian.org/debian/pool/main/g/gcc-${LIBGCC1_VER:0:1
 
     # Strip all unneeded symbols for optimum size
 RUN find -exec sh -c 'file "{}" | grep -q ELF && strip --strip-debug "{}"' \; \
+    # Disable executable stack in all libraries. This should already be the case
+    # but it seems libgnsdk is not playing along
+ && apt-get -y install execstack \
+ && execstack -c usr/lib/*.so* \
     \
  && mkdir -p /output/usr/lib /output/usr/bin \
  && mv lib/x86_64-linux-gnu/*.so* \