prelink: is it worth it?
yersinia
yersinia.spiros at gmail.com
Fri Jul 10 22:36:32 UTC 2009
On Sat, Jul 11, 2009 at 12:26 AM, Jakub Jelinek <jakub at redhat.com> wrote:
> On Fri, Jul 10, 2009 at 11:29:43PM +0200, yersinia wrote:
> > Ok. But prelink it or not a requisite for ASLR or not ? In other word,
> > besides performance
> > is disabling prelink a security matter or not ? It is not bad to have
> some
> > answer on this.
>
> ASLR happens with prelink or without. Particularly, PIEs (should be used
> for most of suid/network facing or otherwise security exposed programs) are
> always randomized, both the binary itself and all shared libraries it uses.
>
> Other than that, on prelinked system libraries are assigned random
> addresses
> whenever reprelinked, while when not prelinked, libraries are given random
> addresses on every exec. Non-PIE binaries have always fixed address.
>
> Jakub
>
Thank a lot for your answer: this was a delicate and very interesting issue,
for me almost.
Best regards
>
> --
> fedora-devel-list mailing list
> fedora-devel-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-devel-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20090711/91f8c3ab/attachment.htm>
More information about the fedora-devel-list
mailing list