Hi I am trying to fix this security warning Snapcraft is giving me preventing me from pushing my snap package, this is the following error:
Found files with executable stack. This adds PROT_EXEC to mmap(2) during mediation which may cause security denials. Either adjust your program to not require an executable stack, strip it with ‘execstack --clear-execstack …’ or remove the affected file from your snap. Affected files: resources/app.asar.unpacked/node_modules/electron/dist/electron functional-snap-v2_execstack
I don’t know how to fix this and need help so I can get my packages pushed and properly used.
This is a known issue with attempts to package electron applications. You need to use the command execstack
as suggested in the error message to clear the executable stack flag from the electron
binary file.
To do this you will need to add a build-package
of execstack
and then in an install
scriptlet specify the appropriate command:
parts:
electron:
...
install: |
execstack --clear-execstack $SNAPCRAFT_PART_INSTALL/usr/bin/electron
build-packages:
- execstack
... # the rest of your part's definition
Am I adding this to the package json file or somewhere else? Sorry I am very new to snap package building and while I’ve built electron applications I am also still learning.