Normally you should have built nearly everything with PIE (there is a
nifty but a little bit outdated script called checksec.sh) - on my
system (Desktop with KDE right now) every running process has PIE
enabled.
You can enable and disable it via gcc-config (there are nopie and nopic
and vanilla com
PIE is used in hardened Gentoo. If PIE can't protect you against this,
SSP at least could try to do it; this is the reason why
-fstack-protector-all and -D_FORTIFY_SOURCE=2 are needed, and at least
-fstack-protector-all is really extended in hardened Gentoo, as
another security layer.
2013/
I'm just thinking aloud here...
So as long as hardened gcc is used to compile the code, it makes the
exploitation harder compared to distros not pushing PIE as much. I think
other distros also acknowledged the importance of PIE as well, in the
meantime:
https://wiki.ubuntu.com/Security/Features#Bu
On 26/03/13 16:11, "Tóth Attila" wrote:
>
> I wonder how these ROP techniques can theoretically perform in a
> Java virtual machine? What are the possible target vectors for
> Python or Ruby? What about JIT code?
http://www.grant-olson.net/python/pyasm
On 26/03/13 16:45, Javier Juan Martínez Cabezón wrote:
> On 26/03/13 16:11, "Tóth Attila" wrote:
>
>>
>> I wonder how these ROP techniques can theoretically perform in a
>> Java virtual machine? What are the possible target vectors for
>> Python or Ruby? What about JIT code?
>
> http://www.grant-
On Tuesday, 26 March 2013 at 16:56, Javier Juan Martínez Cabezón wrote:
> On 26/03/13 16:45, Javier Juan Martínez Cabezón wrote:
>> On 26/03/13 16:11, "Tóth Attila" wrote:
>>
>>>
>>> I wonder how these ROP techniques can theoretically perform in a
>>> Java virtual machine? What are the possible