| 1 |
On Wed, 14 Dec 2005 00:22:36 +0000 Mike Frysinger <vapier@g.o> |
| 2 |
wrote: |
| 3 |
| > The big issue with |
| 4 |
| > this is that the text segment is usually suppose to be read only for |
| 5 |
| > security reasons. But because the text segment needs a relocation, |
| 6 |
| > it needs to be read-write since the relocation happens at runtime |
| 7 |
| > dynamically. |
| 8 |
| |
| 9 |
| this is correct, a very good reason to fix TEXTRELs. |
| 10 |
|
| 11 |
This is only an issue if an application is already insecure. Thus, |
| 12 |
TEXTRELs shouldn't be considered sufficient reason to avoid marking |
| 13 |
something stable, any more than we avoid marking code that uses sprintf |
| 14 |
stable. |
| 15 |
|
| 16 |
| another good reason is that since the segment cannot be mapped |
| 17 |
| readonly, the memory cannot be shared across multiple processes ... |
| 18 |
| each will need to have its own copy, thus wasting what could be |
| 19 |
| significant memory resources. |
| 20 |
|
| 21 |
Again, that's a big "could be". We don't avoid marking stable code |
| 22 |
that, say, mallocs lots of space, then fills it with some calculated |
| 23 |
numbers (for example, the first million prime numbers), even though a |
| 24 |
better program would allow for that data to be shared. |
| 25 |
|
| 26 |
So yes, TEXTRELs when used accidentally are rather sucky. On the other |
| 27 |
hand, there are legitimate uses for them, and they aren't insecure, nor |
| 28 |
are they necessarily any worse performance-wise than code that uses |
| 29 |
other methods. |
| 30 |
|
| 31 |
Banning TEXTRELs outright makes no more sense than banning code that |
| 32 |
uses goto or sprintf -- if TEXTRELs are used accidentally and there's |
| 33 |
an easy fix, take it, but don't let them stop you from providing the |
| 34 |
most stable version of a package to your users. |
| 35 |
|
| 36 |
Oh, and don't accept reasons like "but they don't work if we enable |
| 37 |
$obscure_voodoo in the compiler" either. If $obscure_voodoo breaks on |
| 38 |
legitimate TEXTRELs then $obscure_voodoo is broken, not the code using |
| 39 |
TEXTRELs. |
| 40 |
|
| 41 |
-- |
| 42 |
Ciaran McCreesh : Gentoo Developer (I can kill you with my brain) |
| 43 |
Mail : ciaranm at gentoo.org |
| 44 |
Web : http://dev.gentoo.org/~ciaranm |
Archives