Date: Fri, 13 Mar 2015 18:05:24 +0300 From: Solar Designer <solar@...nwall.com> To: oss-security@...ts.openwall.com Cc: "CERT(R) Coordination Center" <cert@...t.org> Subject: Re: Vendor adoption of PIE INFO#934476 oss-security On Thu, Mar 12, 2015 at 08:31:42PM -0700, Nick Kralevich wrote: > I wanted to provide a followup on this year-old thread. Thank you! > With the release of Android 5.0, Android has removed support for > non-PIE binaries  . Attempting to run a non-PIE binary will > generate an error on Android. In this way, we ensure that all binaries > take full advantage of Android's ASLR implementation. > > This is just one of the many security enhancements added in Android > 5.*, and one that I hope other Linux distributions will pick up. > >  https://source.android.com/devices/tech/security/enhancements/enhancements50.html >  https://android.googlesource.com/platform/bionic/+/76e289c026f11126fc88841b3019fd5bb419bb67 I brought this to Twitter, and here's a comment by Rich Felker: <solardiz> Android 5.0 "has removed support for non-PIE binaries. Attempting to run a non-PIE binary will generate an error" http://www.openwall.com/lists/oss-security/2015/03/13/1 <@RichFelker> @solardiz Guess that means no emacs on Android... <@solardiz> @RichFelker Why, can't one build Emacs as PIE? <@RichFelker> @solardiz The whole dumper issue. The final emacs binary is a dump of an emacs with a lisp heap full of pointers and no relocation data. Alexander
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ