Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-dev

From: Agostino Sarubbo <ago@g.o>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] Re: Can we get PIE on all SUID binaries by default, por favor?
Date: Mon, 23 Jan 2012 20:49:26
Message-Id: 2875711.Ft4fV4mV9N@devil
In Reply to: Re: [gentoo-dev] Re: Can we get PIE on all SUID binaries by default, por favor? by Mike Gilbert
1 On Monday 23 January 2012 15:00:41 Mike Gilbert wrote:
2 > I'm asking "how does one enable PIE/ASLR", not how to check if it is
3 > enabled already.
4 Just enable hardened profile that compiles generally with:
5 -fno-strict-overflow -fPIE -fstack-protector-all
6
7 in particular with gcc-hardenednossp you have:
8 fno-strict-overflow -fPIE
9
10 with gcc-hardenednopie you have:
11 fno-strict-overflow -fstack-protector-all
12
13 with gcc-hardenednopiessp you have:
14 -fno-strict-overflow
15
16 --
17 Agostino Sarubbo ago -at- gentoo.org
18 Gentoo/AMD64 Arch Security Liaison
19 GPG: 0x7CD2DC5D

Attachments

File name MIME type
signature.asc application/pgp-signature
Report Message
Find on MARC Find on Google Groups