Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 13 Mar 2015 18:05:24 +0300
From: Solar Designer <>
Cc: "CERT(R) Coordination Center" <>
Subject: Re: Vendor adoption of PIE INFO#934476 oss-security

On Thu, Mar 12, 2015 at 08:31:42PM -0700, Nick Kralevich wrote:
> I wanted to provide a followup on this year-old thread.

Thank you!

> With the release of Android 5.0, Android has removed support for
> non-PIE binaries [1] [2]. Attempting to run a non-PIE binary will
> generate an error on Android. In this way, we ensure that all binaries
> take full advantage of Android's ASLR implementation.
> This is just one of the many security enhancements added in Android
> 5.*, and one that I hope other Linux distributions will pick up.
> [1]
> [2]

I brought this to Twitter, and here's a comment by Rich Felker:

<solardiz> Android 5.0 "has removed support for non-PIE binaries. Attempting to run a non-PIE binary will generate an error"
<@RichFelker> @solardiz Guess that means no emacs on Android...
<@solardiz> @RichFelker Why, can't one build Emacs as PIE?
<@RichFelker> @solardiz The whole dumper issue. The final emacs binary is a dump of an emacs with a lisp heap full of pointers and no relocation data.


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ