Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-hardened

From: Ned Ludd <solar@g.o>
To: Peter Simons <simons@××××.to>
Cc: gentoo-hardened@l.g.o
Subject: Re: [gentoo-hardened] Executing hardened-binaries on non-hardened systems
Date: Thu, 23 Sep 2004 23:41:16
Message-Id: 1095982816.31370.84.camel@simple
In Reply to: [gentoo-hardened] Executing hardened-binaries on non-hardened systems by Peter Simons
1 On Thu, 2004-09-23 at 17:47, Peter Simons wrote:
2 > Hi,
3 >
4 > I need to compile a binary on my system and copy it over to
5 > some other Linux machine (non-Gentoo) to execute it there. I
6 > can't compile the binary on the target machine; I have to do
7 > it elsewhere.
8 >
9 > Now the problem is that my system uses hardened gcc 3.3.4.
10 > Thus, when I execute the binary on the non-hardened machine,
11 > I get this error:
12 >
13 > ./foobar: relocation error: ./foobar: symbol __guard,
14 > version GLIBC_2.3.2 not defined in file libc.so.6 with
15 > link time reference
16 >
17 > OK. I understand that. But what do I do now?
18 >
19 > I tried compiling the program with "-fno-stack-protector
20 > -fno-pic", but that doesn't make any difference. Probably
21 > because the libraries the program links against have been
22 > compiled with that stuff already.
23 >
24 > Is there any way to get this symbol defined _except_ for
25 > linking libc statically? Some magic libnow_it_all_works.a,
26 > perhaps? :-)
27
28 ---- libssp_pic.a ----
29 gcc -fno-stack-protector -fno-stack-protector-all -fPIC $(portageq
30 envvar PORTDIR)/sys-libs/glibc/files/2.3.3/ssp.c -c
31 ar -cr libssp_pic.a ssp.o
32
33 ----- libssp.a -----
34 gcc -fno-stack-protector -fno-stack-protector-all $(portageq envvar
35 PORTDIR)/sys-libs/glibc/files/2.3.3/ssp.c -c
36 ar -cr libssp.a ssp.o
37
38 ---- libssp.so ----
39 gcc -fno-stack-protector -fno-stack-protector-all $(portageq envvar
40 PORTDIR)/sys-libs/glibc/files/2.3.3/ssp.c -fPIC -shared -o libssp.so
41
42 Be sure to use -fno- when building these or you will trigger ssp on
43 itself.
44
45 good luck and hope it works for you.
46
47 >
48 > Peter
49 >
50 >
51 > --
52 > gentoo-hardened@g.o mailing list
53 --
54 Ned Ludd <solar@g.o>
55 Gentoo (hardened,security,infrastructure,embedded,toolchain) Developer

Attachments

File name MIME type
signature.asc application/pgp-signature
Report Message
Find on MARC Find on Google Groups