Position Independent Executables (PIE)

shrek-m at gmx.de
Fri Oct 10 23:31:39 UTC 2003


Jakub Jelinek wrote:

>On Fri, Oct 10, 2003 at 09:11:11PM +0200, Xose Vazquez Perez wrote:
>  
>
>>shrek-m at gmx.de wrote:
>>
>>>will this be included in other kernels too?
>>>
>>>http://www.networknews.co.uk/News/1143925
>>>
>>>The RHEL 3 server operating system, due to ship within weeks, includes a
>>>feature called Position Independent Executables (PIE). This is a
>>>modification to the Linux kernel developed by Red Hat to reduce the
>>>threat from worms and other buffer-overflow based attacks.
>>>      
>>>
>>I think that "Position Independent Executables (PIE)" is the same as
>>mingo's work called exec-shield http://people.redhat.com/mingo/exec-shield .
>>And it is included in Fedora.
>>    
>>
>It is related, but not the same.
>A Position Independent Executable is an ELF ET_DYN executable which can be loaded
>at any address the kernel chooses (basically something in between a normal
>executable and a shared library). It is primarily a binutils/gcc/glibc thingie
>(see ld -pie option, gcc -pie, -fpie and -fPIE options).
>Without the exec-shield patch this is not very useful: you can run those
>PI binaries, but they will always be loaded at the same address.
>What the exec-shield patch does is randomize the base address at which
>PIEs are loaded.
>  
>

thanks,

RTFRN, RTFM   :-[
http://fedora.redhat.com/docs/release-notes/

-- 
shrek-m
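
Added example, not part of the original thread: a small ELF header check for the distinction described in the quoted reply, telling a fixed-address ET_EXEC binary from an ET_DYN one. The function names, the constructed sample images and the PT_INTERP heuristic for separating a PIE from a shared library are assumptions of this example.

```python
import struct

ET_EXEC, ET_DYN = 2, 3   # e_type values from the ELF specification
PT_INTERP = 3            # program header that names the dynamic loader

def classify_elf(data: bytes) -> str:
    """Classify an ELF image by e_type; split ET_DYN into PIE vs shared object."""
    if len(data) < 52 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    is64 = {1: False, 2: True}.get(data[4])      # EI_CLASS
    end = {1: "<", 2: ">"}.get(data[5])          # EI_DATA
    if is64 is None or end is None or (is64 and len(data) < 64):
        raise ValueError("bad or truncated ELF header")
    e_type = struct.unpack_from(end + "H", data, 16)[0]
    if e_type == ET_EXEC:
        return "ET_EXEC: fixed load address"
    if e_type != ET_DYN:
        return "other"
    # Field offsets differ between ELF32 and ELF64 headers.
    fmt, phoff_at, phsize_at = ("Q", 32, 54) if is64 else ("I", 28, 42)
    e_phoff = struct.unpack_from(end + fmt, data, phoff_at)[0]
    e_phentsize, e_phnum = struct.unpack_from(end + "HH", data, phsize_at)
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        if off + 4 > len(data):
            raise ValueError("truncated program headers")
        # Heuristic: a PIE normally asks for a loader, a plain library does not.
        if struct.unpack_from(end + "I", data, off)[0] == PT_INTERP:
            return "ET_DYN: PIE, loadable at any base"
    return "ET_DYN: shared object"

def sample_elf(e_type: int, p_types: list, is64: bool = True) -> bytes:
    """Constructed little-endian ELF image: header plus empty program headers."""
    ehsize, phentsize = (64, 56) if is64 else (52, 32)
    ident = b"\x7fELF" + bytes([2 if is64 else 1, 1, 1]) + bytes(9)
    addr = "Q" if is64 else "I"
    hdr = struct.pack("<HHI" + addr * 3 + "IHHHHHH", e_type, 62 if is64 else 3, 1,
                      0, ehsize, 0, 0, ehsize, phentsize, len(p_types), 0, 0, 0)
    phdrs = b"".join(struct.pack("<I", t) + bytes(phentsize - 4) for t in p_types)
    return ident + hdr + phdrs

if __name__ == "__main__":
    # Constructed samples; replace with open(path, "rb").read() for a real file.
    for name, img in [("classic executable", sample_elf(ET_EXEC, [6, 3, 1])),
                      ("gcc -fPIE -pie", sample_elf(ET_DYN, [6, 3, 1])),
                      ("shared library", sample_elf(ET_DYN, [1, 2]))]:
        print(f"{name:20} -> {classify_elf(img)}")
```

An ET_DYN result only says the binary can be relocated; whether the base address actually varies between runs depends on the kernel, as the quoted reply explains.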




