Re: When did Debian decide to enable PIE by default?
- Date: Thu, 10 Aug 2017 09:53:55 +0200
- From: <tomas@xxxxxxxxxx>
- Subject: Re: When did Debian decide to enable PIE by default?
-----BEGIN PGP SIGNED MESSAGE-----
On Wed, Aug 09, 2017 at 02:49:06PM +0000, 慕 冬亮 wrote:
> On 08/09/2017 10:31 AM, Thomas Schmitt wrote:
> > Hi,
> > 慕 冬亮 <mudongliangabcd@xxxxxxxxxxx> wrote:
> >> When does Debian Team, or Security Team decide to enable PIE by default?
> > I guess it was one year ago. At least that's the dates one can see on
> > https://wiki.debian.org/Hardening/PIEByDefaultTransition
> Such a good news for me, a student learning information security.
> However, I have a doubt, why does Debian enable PIE by default, other
> than stack protector and FORTIFY_SOURCE that are already enabled by
> default in the Ubuntu distribution?
> I think stack protector(FORTIFY_SOURCE) has less overhead than PIE.
As far as I understand, stack protection and/or FORTIFY_SOURCE are
about protecting from buffer overflows. Stack protection sounds
pretty generic, in the case of FORTIFY_SOURCE, it's the compiler
doing extra compile-time checks (when possible) and inserting extra
run-time check code.
PIE isn't a security measure in itself -- it just allows such code
to be dynamically mapped at any address. But it enables address space
layout randomisation , which isn't a security measure in itself
either, but a *mitigation* technique: if an attacker has already
managed to take control of your program counter (e.g. by rewriting
a return address... possibly via a stack overflow, see above), you
make his/her life harder by not putting (potentially useful) code
at a place (s)he knows how to find.
It's like putting a chair in a dark room. Of course you should
try to make your door and lock as secure as possible. But just
> No System Is Safe!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
-----END PGP SIGNATURE-----