On Sun, Mar 31, 2013 at 5:11 PM, Richard W.M. Jones <rjo...@redhat.com>wrote:
> On Sun, Mar 31, 2013 at 01:09:36AM +0100, Kevin Kofler wrote:
> > Dhiru Kholia wrote:
> > > Any feedback is welcome!
> >
> > My proposal: build ALL packages in Fedora with not only -fPIE and RELRO,
> but
> > also -fstack-protector-all (which is not included in the current hardened
> > cflags). Also get rid of prelink which reduces the effectiveness of ASLR.
> > Then drop SELinux which becomes obsolete if the executables cannot be
> > exploited in the first place. (It only papers over the real problem.)
>
> I know you're trolling here, but there are some misconceptions that
> should be corrected:
>
> (1) -fstack-protector{,-all} doesn't implement full bounds checking
> for every C object.
>
> (2) SELinux controls what labelled resources a process can access.
> This covers far more than buffer overflows in C programs. It covers
> other programming languages, design flaws and implementation 'thinko's
> of all sorts. I would argue (separate from this) that it's good to
> define precisely what resources a program can access, rather than the
> default "access just about everything".
>
> However prelink does reduce the effectiveness of ASLR (a bit). See
> http://lwn.net/Articles/341440/ and follow-up conversation.
>
> Probably something had changed in the last years. I have posted the same
question, or related, some time ago
http://www.redhat.com/archives/rhl-devel-list/2009-July/msg00674.html
>
>
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
