Re: [PATCH][RESEND] PIE randomization

From: Ulrich Drepper
Date: Fri May 11 2007 - 18:41:30 EST


On 5/11/07, Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> wrote:
> erm, I was being funny. If you randomize a binary it won't run any more.
> cp /dev/random /bin/login. Oh well.
>
> My point is, we're not being told what is being randomized here. Is it the
> virtual starting address of the main executable mmap? Of the shared
> libraries also? Is it the stack location? What?

PIE = Position Independent Executable, that's how I named them.

These are not regular executables, they are basically DSOs but usually
compiled with -fpie/-fPIE instead of -fpic/-fPIC and linked with -pie
instead of -shared to allow the compiler and linker to perform more
optimizations.

See section 5 in

http://people.redhat.com/drepper/nonselsec.pdf

Jan unfortunately Ingo's document which doesn't really explain it.
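The "basically DSOs" point above can be checked from the ELF header: a PIE carries e_type ET_DYN like a shared library, while a regular executable is ET_EXEC. The following is an added example, not code from this thread or from the kernel; classify_elf and make_sample are hypothetical names, the sample images are constructed, only ELF64 little-endian is handled, and telling a PIE from a plain DSO by the presence of PT_INTERP is an assumed heuristic.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum elf_kind { NOT_ELF64_LE, FIXED_EXEC, PIE_EXEC, SHARED_OBJ, OTHER_ELF };

/* Read an n-byte little-endian integer. */
static uint64_t rd_le(const unsigned char *p, int n) {
    uint64_t v = 0;
    while (n-- > 0) v = (v << 8) | p[n];
    return v;
}

/* Heuristic (assumption): ET_DYN with a PT_INTERP segment is a PIE, without one a plain DSO. */
enum elf_kind classify_elf(const unsigned char *buf, size_t len) {
    if (len < 64 || memcmp(buf, "\177ELF", 4) != 0 || buf[4] != 2 || buf[5] != 1)
        return NOT_ELF64_LE;              /* need ELFCLASS64 + ELFDATA2LSB */
    uint64_t e_type = rd_le(buf + 16, 2);
    if (e_type == 2) return FIXED_EXEC;   /* ET_EXEC: linked at a fixed address */
    if (e_type != 3) return OTHER_ELF;    /* not ET_DYN (e.g. ET_REL, ET_CORE) */
    uint64_t phoff = rd_le(buf + 32, 8), phentsize = rd_le(buf + 54, 2);
    uint64_t phnum = rd_le(buf + 56, 2);
    for (uint64_t i = 0; i < phnum; i++) {
        uint64_t off = phoff + i * phentsize;
        if (off > len || len - off < 4) break;          /* bounds check before reading p_type */
        if (rd_le(buf + off, 4) == 3) return PIE_EXEC;  /* PT_INTERP */
    }
    return SHARED_OBJ;
}

/* Build a constructed 120-byte sample: ELF64 header plus one program header. */
size_t make_sample(unsigned char *buf, unsigned e_type, unsigned p_type) {
    memset(buf, 0, 120);
    memcpy(buf, "\177ELF\002\001\001", 7);
    buf[16] = (unsigned char)e_type;      /* e_type (low byte) */
    buf[32] = 64;                         /* e_phoff */
    buf[54] = 56;                         /* e_phentsize */
    buf[56] = 1;                          /* e_phnum */
    buf[64] = (unsigned char)p_type;      /* p_type of the only segment */
    return 120;
}

int main(void) {
    unsigned char b[120];
    static const char *name[] = { "not ELF64-LE", "ET_EXEC", "PIE", "DSO", "other" };
    printf("%s\n", name[classify_elf(b, make_sample(b, 2, 1))]);  /* ET_EXEC */
    printf("%s\n", name[classify_elf(b, make_sample(b, 3, 3))]);  /* PIE */
    printf("%s\n", name[classify_elf(b, make_sample(b, 3, 1))]);  /* DSO */
    return 0;
}
```

The PT_INTERP heuristic misclassifies static PIEs, which have no interpreter segment, and shared objects that carry one.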