[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Question about PIEs

From: Arjan van de Ven <arjan infradead org>
To: "Red Hat Enterprise Linux 4 (Nahant) Discussion List" <nahant-list redhat com>
Subject: Re: Question about PIEs
Date: Thu, 20 Apr 2006 22:17:17 +0200

On Thu, 2006-04-20 at 11:14 -0700, Jeffrey Siegal wrote:
> I read some white paper from Red Hat's site about security features  
> in RHEL, including PIEs.  The paper says that PIEs can't get  

"are not" rather than "cannot"

> prelinked because the executable gets loaded at a random address each  
> time.   As I recall, the prelinker has an option to load the  
> libraries at random addresses (the addresses are random across  
> systems but fixed for each system).  I was wondering if PIEs can be  
> prelinked in this manner -- where the prelinker chooses a random  
> address for the executable and if so, wouldn't this be a reason to  
> just build everything as a PIE (perhaps excluding some high risk  
> programs from prelinking and letting them float at load time)?

well.... right now the idea is that PIE's are so security sensitive that
you don't want anything fixed at all. They can be prelinked if you'd
really want to, there is no fundamental reason not to. But it's not a
good idea.

Follow-Ups:
- Re: Question about PIEs
  - From: Jeffrey Siegal

References:
- Question about PIEs
  - From: Jeffrey Siegal

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]