Date: Tue, 26 May 2015 11:56:41 +0200 From: Florian Weimer <fweimer@...hat.com> To: oss-security@...ts.openwall.com Subject: ELF PLT changes in gcc/binutils/glibc There are some changes in the pipeline which change the way dynamic linking works, particularly in combination with BIND_NOW/-z now: GCC and -fno-plt: <https://gcc.gnu.org/ml/gcc-patches/2015-05/msg00231.html> binutils PLT->GOT elision with -Wl,z,now: <https://sourceware.org/ml/binutils/2015-05/msg00145.html> glibc fixes for binutils changes: <https://www.sourceware.org/ml/libc-alpha/2015-05/msg00560.html> I have been asked to comment on these developments, but I feel that I lack sufficient data to make a recommendation one way or the other. I know that some people feel strongly about ROP opportunities and indirect calls, so they might want to comment (presumably on the glibc mailing list, libc-alpha). -- Florian Weimer / Red Hat Product Security
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ