1 |
strip --strip-unneeded |
2 |
|
3 |
|
4 |
On Fri, May 31, 2013 at 2:10 PM, Christopher Friedt |
5 |
<chrisfriedt@×××××.com>wrote: |
6 |
|
7 |
> -Wunused -Werror |
8 |
> |
9 |
> |
10 |
> On Mon, May 27, 2013 at 9:09 AM, Bertrand Jacquin <beber@××××××××.net>wrote: |
11 |
> |
12 |
>> Hi, |
13 |
>> |
14 |
>> Finally, two months after your mail, I remembered a project I saw last |
15 |
>> year (or so) that might stick your need. |
16 |
>> |
17 |
>> http://anonscm.debian.org/**gitweb/?p=d-i/mklibs.git<http://anonscm.debian.org/gitweb/?p=d-i/mklibs.git> |
18 |
>> http://anonscm.debian.org/**gitweb/?p=d-i/mklibs.git;a=** |
19 |
>> blob_plain;f=src/mklibs;h=**216b34c1cb221458cd0d26c6bd5c71** |
20 |
>> 9c3bf94ab2;hb=HEAD<http://anonscm.debian.org/gitweb/?p=d-i/mklibs.git;a=blob_plain;f=src/mklibs;h=216b34c1cb221458cd0d26c6bd5c719c3bf94ab2;hb=HEAD> |
21 |
>> |
22 |
>> As describe, this tool : |
23 |
>> |
24 |
>> - Gather all unresolved symbols and libraries needed by the programs |
25 |
>> and reduced libraries |
26 |
>> - Gather all symbols provided by the already reduced libraries |
27 |
>> (none on the first pass) |
28 |
>> - If all symbols are provided we are done |
29 |
>> - go through all libraries and remember what symbols they provide |
30 |
>> - go through all unresolved/needed symbols and mark them as used |
31 |
>> - for each library: |
32 |
>> - find pic file (if not present copy and strip the so) |
33 |
>> - compile in only used symbols |
34 |
>> - strip |
35 |
>> - back to the top |
36 |
>> |
37 |
>> Beber |
38 |
>> |
39 |
>> |
40 |
>> On 2013-03-25 08:01, Kfir Lavi wrote: |
41 |
>> |
42 |
>>> Hi, |
43 |
>>> I'm looking for a way to reduce glibc code size. |
44 |
>>> It can be a way to make system smaller and minimize the impact |
45 |
>>> of attack vectors in glibc, as in return-to-libc attack. |
46 |
>>> |
47 |
>>> Lets say I'm deleting the program 'mkdir', and mkdir uses a function |
48 |
>>> in glibc that non of the other parts of the system uses. |
49 |
>>> Then I want to eliminate this function from glibc. This leads to smaller |
50 |
>>> code and if this function is used in some attack scenario, maybe prevent |
51 |
>>> it. |
52 |
>>> |
53 |
>>> Is there a way to do it? |
54 |
>>> Can you help me think how to build a tool like this? or, integrate |
55 |
>>> with existing tools. |
56 |
>>> |
57 |
>>> Thanks, |
58 |
>>> Kfir |
59 |
>>> |
60 |
>> |
61 |
>> |
62 |
> |