Re: Question about PIEs

[Jeffrey Siegal <jbs quiotix com>]

On Apr 20, 2006, at 13:17 , Arjan van de Ven wrote:

> On Thu, 2006-04-20 at 11:14 -0700, Jeffrey Siegal wrote:
> > I read some white paper from Red Hat's site about security features
> > in RHEL, including PIEs.  The paper says that PIEs can't get
>
> "are not" rather than "cannot"

What is the mechanism by which they're excluded?  Does the prelinker  
recognize PIEs and skip them?

> > prelinked because the executable gets loaded at a random address each
> > time.   As I recall, the prelinker has an option to load the
> > libraries at random addresses (the addresses are random across
> > systems but fixed for each system).  I was wondering if PIEs can be
> > prelinked in this manner -- where the prelinker chooses a random
> > address for the executable and if so, wouldn't this be a reason to
> > just build everything as a PIE (perhaps excluding some high risk
> > programs from prelinking and letting them float at load time)?
>
> well.... right now the idea is that PIE's are so security sensitive  
> that
> you don't want anything fixed at all. They can be prelinked if you'd
> really want to, there is no fundamental reason not to. But it's not a
> good idea.

I was thinking more about the rest of the apps on the system -- the  
"lower risk" ones.  Wouldn't there be some benefit to making those  
PIEs and letting the prelinker choose a random (per system) address?