Albert Cahalan writes:

> gcc version 4.1.2 20060613 (prerelease) (Debian 4.1.1-5)

OK, so I think that version should have the new -msecure-plt flag, which changes the ppc32 ABI so that the PLT no longer has to be writable and executable. Previously the dynamic linker would rewrite each PLT entry, the first time it is used, to jump directly to the target routine. That was the reason why the heap had to be executable.

To get the full benefit of -msecure-plt, every object file in your executable has to be compiled with it, and I think every shared library the program uses has to be compiled with it too. On a system where everything has been compiled with -msecure-plt, I believe the heap and stack will automatically be made non-executable.

Of course, that won't make all that much difference on your Cube, because the G4 CPU doesn't have hardware support for non-executable pages (any readable page is executable). The G5 does, as do the 4xx and Book E 32-bit CPUs, and any 64-bit CPU from POWER4 on.

As for the randomization, I'm surprised we got no stack randomization, since that appears to be handled generically (randomize_stack_stop() in fs/binfmt_elf.c). What does cat /proc/sys/kernel/randomize_va_space give you? (i386 also does arch-specific randomization of some low bits of the stack pointer, which we could do too.)

Shared library randomization is a glibc thing, I assume. (It is incompatible with prelink, of course.)

I don't believe we can do ET_EXEC address randomization, and I don't think x86 can do it either.

Paul.
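
The following is an added example, not part of the original message: one way to observe the two properties discussed above on a Linux system, by checking whether a process's heap and stack are mapped executable and interpreting the randomize_va_space value. The function names and the sample maps text are constructed for illustration, and the meaning given for value 2 is taken from current kernel sysctl documentation.

```python
import re

# One /proc/<pid>/maps line: start-end perms offset dev inode [path]
MAPS_RE = re.compile(r"^([0-9a-f]+)-([0-9a-f]+) ([r-][w-][x-][ps]) \S+ \S+ \d+\s*(.*)$")
# kernel.randomize_va_space values, per the kernel's sysctl documentation
ASLR_MODES = {0: "off", 1: "stack, mmap base and vDSO", 2: "as 1, plus brk heap"}

# Constructed sample (not captured from a real system): heap and stack executable.
SAMPLE = """\
10000000-10010000 r-xp 00000000 08:01 1234 /bin/example
10020000-10021000 rwxp 00010000 08:01 1234 /bin/example
10021000-10042000 rwxp 00000000 00:00 0 [heap]
0ff00000-0ff15000 rw-p 00000000 00:00 0
7fe00000-7fe21000 rwxp 00000000 00:00 0 [stack]
"""

def audit_maps(text):
    """Return (heap_exec, stack_exec, wx_regions) for the text of a maps file.

    These are the permissions the kernel was asked for. On a CPU without
    per-page execute protection (the G4 in the message above), a readable
    page stays executable whatever this column says.
    """
    heap_exec = stack_exec = None  # None means the region was not listed
    wx = []
    for line in text.splitlines():
        m = MAPS_RE.match(line.strip())
        if not m:
            continue
        start, end, perms, name = m.groups()
        executable = perms[2] == "x"
        if name == "[heap]":
            heap_exec = executable
        elif name == "[stack]":
            stack_exec = executable
        if perms[1] == "w" and executable:  # writable and executable at once
            wx.append((int(start, 16), int(end, 16), name or "[anon]"))
    return heap_exec, stack_exec, wx

def aslr_mode(value):
    """Describe a value read from /proc/sys/kernel/randomize_va_space."""
    return ASLR_MODES.get(int(value.strip()), "unknown")

if __name__ == "__main__":
    try:
        maps = open("/proc/self/maps").read()
        aslr = open("/proc/sys/kernel/randomize_va_space").read()
    except OSError:
        maps, aslr = SAMPLE, "0"  # fall back to the constructed sample
    print("heap exec, stack exec, W+X regions:", audit_maps(maps))
    print("randomization:", aslr_mode(aslr))
```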