On Mon, Jan 23, 2012 at 20:22, Diego Elio Pettenò <flamee...@gentoo.org> wrote:

> > Is it because of PIE alone or ASLR? Just curious it doesn't make much
> > difference to me.

When ASLR is turned on, the .text section of executables compiled with PIE is given a randomized base address. When ASLR is off or when PIE is not used, the base address is predictable, so it's easy to find where to write into.

> Here's the trick: it's hard to decide what to compile PIE and what not
> because we generally don't split the build for the two. I guess a good
> point here could be made to build _everything_ PIE, but it can be tricky
> (at least hotot seems not to work on a PIE system).

Doesn't portage already have a check on SUID executables where it checks to see if they meet a certain standard and also strips them of read capabilities? Couldn't we just add a Q&A blurb to this, so that if any SUID executables are merged that aren't PIE, there's a nice yellow warning? And then gradually package maintainers would add the required patches?

> It would also be a good idea to resume working on the file-based
> capabilities, dropping suid altogether.

Of course. But, different discussion.
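The check proposed above, written out as an added example (this is not portage's own QA code, which the thread does not show): it reads e_type straight from the ELF header of installed files and flags any setuid/setgid file that is ET_EXEC, the non-PIE case whose base ASLR cannot randomize. The file names, modes and 64-byte headers below are constructed for the demo.

```python
"""Constructed example (not portage's own QA code): flag setuid/setgid ELF
executables that were not built as PIE by reading e_type from the ELF header."""
import os
import stat
import struct

ELF_MAGIC = b"\x7fELF"
ET_EXEC, ET_DYN = 2, 3  # fixed-address executable vs. position-independent image


def elf_type(data):
    """Return e_type from an ELF header, or None if the bytes are not ELF."""
    if len(data) < 18 or data[:4] != ELF_MAGIC:
        return None
    endian = "<" if data[5] == 1 else ">"  # EI_DATA: 1 = little, 2 = big
    return struct.unpack(endian + "H", data[16:18])[0]


def classify(data):
    """'pie' if the image is relocatable at load time (ET_DYN), 'non-pie' if ET_EXEC."""
    return {ET_DYN: "pie", ET_EXEC: "non-pie"}.get(elf_type(data), "not-elf")


def flag_non_pie_suid(entries):
    """entries: (name, st_mode, header_bytes). Returns the names that carry a
    setuid/setgid bit and are ET_EXEC: the set that deserves the yellow warning."""
    return [name for name, mode, head in entries
            if mode & (stat.S_ISUID | stat.S_ISGID) and classify(head) == "non-pie"]


def scan(paths):
    """Filesystem wrapper: run the check over a list of installed files."""
    entries = []
    for p in paths:
        with open(p, "rb") as f:
            entries.append((p, os.stat(p).st_mode, f.read(64)))
    return flag_non_pie_suid(entries)


def fake_elf_header(e_type, little_endian=True):
    """Constructed 64-byte ELF64 header carrying only the fields read above."""
    ident = ELF_MAGIC + bytes([2, 1 if little_endian else 2, 1]) + b"\x00" * 9
    fmt = ("<" if little_endian else ">") + "HHIQQQIHHHHHH"
    return ident + struct.pack(fmt, e_type, 62, 1, 0, 0, 0, 0, 64, 56, 0, 64, 0, 0)


if __name__ == "__main__":
    sample = [("passwd-like", 0o104755, fake_elf_header(ET_EXEC)),   # setuid, not PIE
              ("ok-pie", 0o104755, fake_elf_header(ET_DYN)),         # setuid, PIE
              ("plain", 0o100755, fake_elf_header(ET_EXEC))]         # not setuid
    for name in flag_non_pie_suid(sample):
        print("QA Notice: setuid executable not built PIE:", name)
```

The ELF type alone says nothing about the running kernel: a PIE binary still loads at a fixed address when randomize_va_space is off, which is the ASLR half of the answer above.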