On Mon, Jan 23, 2012 at 20:22, Diego Elio Pettenò <flameeyes@g.o> wrote:

> Is it because of PIE alone or ASLR? Just curious, it doesn't make much
> difference to me.

When ASLR is turned on, the .text section of executables compiled with PIE
is given a randomized base address. When ASLR is off or when PIE is not
used, the base address is predictable, so it's easy to find where to write
into.

> Here's the trick: it's hard to decide what to compile PIE and what not
> because we generally don't split the build for the two. I guess a good
> point here could be made to build _everything_ PIE, but it can be tricky
> (at least hotot seems not to work on a PIE system).

Doesn't portage already have a check on SUID executables where it checks to
see if they meet a certain standard and also strips them of read
capabilities? Couldn't we just add a QA blurb to this, so that if any SUID
executables are merged that aren't PIE, there's a nice yellow warning? And
then gradually package maintainers would add the required patches?

> It would be also a good idea to resume working on the file-based
> capabilities, dropping suid altogether.

Of course. But, different discussion.
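As an added illustration of the QA check proposed above (this is not part of the thread and not Portage's own QA code), the sketch below walks an install image, finds setuid/setgid files and flags those whose ELF header says ET_EXEC rather than ET_DYN. It reads the ELF e_type field directly with od so it needs no toolchain, and it treats any ET_DYN object as PIE (the same heuristic file(1) has used; telling a PIE from a plain shared library would additionally require inspecting PT_INTERP or DT_FLAGS_1). The make_fake_elf helper writes constructed 18-byte header stubs purely so the demo runs offline; the function names and the "QA Notice" wording are assumptions, not anything Portage emits.

```shell
#!/bin/sh
# Added example: flag setuid/setgid ELF executables that are not PIE.
# Not Portage code; function names and message text are assumptions.

# Print the ELF e_type of a file as a decimal number, honouring EI_DATA
# (byte 5: 1 = little-endian, 2 = big-endian). Prints nothing and returns
# 1 if the file does not start with the ELF magic.
elf_type() {
    f=$1
    magic=$(od -An -t x1 -N 4 "$f" 2>/dev/null | tr -d ' \n')
    [ "$magic" = "7f454c46" ] || return 1
    set -- $(od -An -t u1 -j 4 -N 2 "$f")    # EI_CLASS, EI_DATA
    data=$2
    set -- $(od -An -t u1 -j 16 -N 2 "$f")   # e_type, two raw bytes
    if [ "$data" = "2" ]; then
        echo $(( $1 * 256 + $2 ))            # big-endian
    else
        echo $(( $2 * 256 + $1 ))            # little-endian
    fi
}

# Classify a file as "pie" (ET_DYN, randomisable base), "exec" (ET_EXEC,
# fixed base even with ASLR on) or "other" (non-ELF, relocatable, etc.).
pie_status() {
    t=$(elf_type "$1") || { echo other; return; }
    case $t in
        3) echo pie ;;
        2) echo exec ;;
        *) echo other ;;
    esac
}

# Walk a directory (e.g. an image about to be merged), print a QA-style
# notice on stderr for every setuid/setgid file that is a fixed-address
# executable, and echo each offending path on stdout.
check_suid_pie() {
    find "$1" -type f \( -perm -4000 -o -perm -2000 \) | while IFS= read -r f; do
        if [ "$(pie_status "$f")" = "exec" ]; then
            echo "QA Notice: setuid/setgid executable is not PIE: $f" >&2
            echo "$f"
        fi
    done
}

# Constructed demo input: a little-endian ELF64 header stub (18 bytes) with
# the requested e_type (2 = ET_EXEC, 3 = ET_DYN). Not a loadable binary.
make_fake_elf() {
    printf '\177ELF\002\001\001\000\000\000\000\000\000\000\000\000' > "$1"
    type_esc=$(printf '\\%03o' "$2")
    printf "${type_esc}\\000" >> "$1"
}

# Stand-alone demo: one PIE setuid binary (fine), one non-PIE setgid
# binary (flagged), one non-PIE binary without suid/sgid bits (ignored).
demo_dir=$(mktemp -d)
make_fake_elf "$demo_dir/pie_suid" 3;   chmod u+s "$demo_dir/pie_suid"
make_fake_elf "$demo_dir/exec_sgid" 2;  chmod g+s "$demo_dir/exec_sgid"
make_fake_elf "$demo_dir/exec_plain" 2
check_suid_pie "$demo_dir"
rm -rf "$demo_dir"
```

On a real system you would point check_suid_pie at the image directory after the build step and before files are merged to the live root; because it only reads two bytes of each header it is cheap enough to run on every merge.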