Web lists-archives.com

Re: When did Debian decide to enable PIE by default?





On 08/09/2017 10:31 AM, Thomas Schmitt wrote:
> Hi,
>
> 慕 冬亮 <mudongliangabcd@xxxxxxxxxxx> wrote:
>> When does Debian Team, or Security Team decide to enable PIE by default?
> I guess it was one year ago. At least that's the dates one can see on
>    https://wiki.debian.org/Hardening/PIEByDefaultTransition
Such a good news for me, a student learning information security. 
However, I have a doubt, why does Debian enable PIE by default, other 
than stack protector and FORTIFY_SOURCE that are already enabled by 
default in the Ubuntu distribution?

I think stack protector(FORTIFY_SOURCE) has less overhead than PIE.

>
> Have a nice day :)
>
> Thomas
>

-- 

-----------------------
My best regards to you.

      No System Is Safe!
      Dongliang Mu