Web lists-archives.com

Re: When did Debian decide to enable PIE by default?




On Wednesday 09 August 2017 10:52:26 慕 冬亮 wrote:

> On 08/09/2017 10:48 AM, Gene Heskett wrote:
> > On Wednesday 09 August 2017 10:31:48 Thomas Schmitt wrote:
> >> Hi,
> >>
> >> 慕 冬亮 <mudongliangabcd@xxxxxxxxxxx> wrote:
> >>> When does Debian Team, or Security Team decide to enable PIE by
> >>> default?
> >>
> >> I guess it was one year ago. At least that's the dates one can see
> >> on https://wiki.debian.org/Hardening/PIEByDefaultTransition
> >
> > Interesting Thomas, but what the heck is PIE?  I know about PAE, but
> > PIE? Whats it do?  Searching the above wiki returned only this
> > thread.
>
> Please take a look at the following URL:
>
> https://wiki.debian.org/Hardening#DEB_BUILD_HARDENING_PIE_.28gcc.2Fg.2
>B-.2B-_-fPIE_-pie.29
>
Aha, another name for PIC, which I've only been writing code that uses it 
for 32 years. Also known as PCR, for Program Counter Relative.  Such 
code can be loaded into memory and executed without any patching.

> It is a security feature which combines with ASLR to do full address
> space randomization.
>
> > Thanks, you too.
> >
> >> Have a nice day :)
> >>
> >> Thomas
> >
> > Cheers, Gene Heskett


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page <http://geneslinuxbox.net:6309/gene>