Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 27 Apr 2013 15:16:09 +0800
From: Pavel Labushev <pavel.labushev@...box.no>
To: owl-dev@...ts.openwall.com
Subject: Re: PIE on x86_64

On Fri, 26 Apr 2013 21:48:46 -0400
Rich Felker <dalias@...ifal.cx> wrote:

> Unfortunately changing the compiler defaults can break things in
> subtle ways. The most common breakage I'm aware of from making pie the
> default occurs in packages with assembler source files that are
> written in non-pic-compatible ways. These will turn into TEXTRELs in
> the pie binary, which depending on the arch, may just result in heavy
> runtime bloat (e.g. on 32-bit x86) or produce an error at link time
> (e.g. on x86_64). I seem to recall a user running into this issue in
> OpenSSL...

TEXTRELs on x86_64 are very rare and may be worked around with
-fno-pie. I think it's worth the small inconvenience it might cause,
especially for a security-oriented distro.

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ