
Re: When did Debian decide to enable PIE by default?




On Sat, Aug 12, 2017 at 01:11:43PM +0200, Pascal Hambourg wrote:
> On 10/08/2017 at 10:00, tomas@xxxxxxxxxx wrote:

[...]

> >PIE is "position independent executable": it's about using PIC in the
> >Executable
> 
> Sorry, but I fail to see the difference.
> A shared library is executable, and the "code" in PIC is nothing but
> executable code, isn't it?

The difference is in intention (both are ELF these days). /bin/ls is
an "executable", /lib/x86_64-linux-gnu/libc.so.6 is a lib (yes, this
one has an entry point, you can invoke it from the command line).

While enabling PIC for libs has been done for a long time (IIRC the
first motivator was limited address space under 32 bit) and always
seemed a Good Idea(TM), for the executables I think it's ASLR that
brought a motivation with it. But I might be wrong.

Cheers
-- tomás
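
Added example, not part of the original message: a header-only check that shows how the executable/library distinction discussed above appears in ELF metadata (e_type, PT_INTERP, and the DF_1_PIE bit in DT_FLAGS_1, which not every linker sets). The function names and the constructed sample images are assumptions made for illustration; only 64-bit little-endian ELF is handled.

```python
import struct

ET_EXEC, ET_DYN = 2, 3                           # e_type values
PT_DYNAMIC, PT_INTERP = 2, 3                     # program header types
DT_FLAGS_1, DF_1_PIE = 0x6FFFFFFB, 0x08000000    # dynamic tag and its PIE bit

def classify_elf(image: bytes) -> str:
    """Classify a 64-bit little-endian ELF image from its headers alone."""
    if len(image) < 64 or image[:6] != b"\x7fELF\x02\x01":
        raise ValueError("not a little-endian ELF64 image")
    (e_type,) = struct.unpack_from("<H", image, 16)
    (e_phoff,) = struct.unpack_from("<Q", image, 32)
    e_phentsize, e_phnum = struct.unpack_from("<HH", image, 54)
    has_interp = pie_flag = False
    for i in range(e_phnum):
        p_type, _, p_offset, _, _, p_filesz = struct.unpack_from(
            "<IIQQQQ", image, e_phoff + i * e_phentsize)
        if p_type == PT_INTERP:
            has_interp = True
        elif p_type == PT_DYNAMIC:
            # Walk the Elf64_Dyn entries (d_tag, d_val) until DT_NULL.
            for off in range(p_offset, p_offset + p_filesz - 15, 16):
                d_tag, d_val = struct.unpack_from("<qQ", image, off)
                if d_tag == 0:
                    break
                if d_tag == DT_FLAGS_1 and d_val & DF_1_PIE:
                    pie_flag = True
    if e_type == ET_EXEC:
        return "fixed-address executable (non-PIE)"
    if e_type != ET_DYN:
        return "other ELF type"
    if pie_flag:
        return "PIE executable"
    if has_interp:
        return "ET_DYN with interpreter: PIE or directly runnable library"
    return "shared library"

def build_sample(e_type, interp=False, flags_1=None) -> bytes:
    """Constructed header-only ELF64 image for the demo; not loadable."""
    phdrs = [PT_INTERP] * interp + [PT_DYNAMIC] * (flags_1 is not None)
    dyn = b"" if flags_1 is None else struct.pack("<qQqQ", DT_FLAGS_1, flags_1, 0, 0)
    dyn_off = 64 + 56 * len(phdrs)
    ehdr = b"\x7fELF\x02\x01\x01" + bytes(9) + struct.pack(
        "<HHIQQQIHHHHHH", e_type, 62, 1, 0, 64, 0, 0, 64, 56, len(phdrs), 0, 0, 0)
    body = b"".join(struct.pack("<IIQQQQQQ", t, 4, dyn_off, 0, 0, len(dyn), len(dyn), 8)
                    for t in phdrs)
    return ehdr + body + dyn
for a in [(ET_EXEC, True), (ET_DYN, True, DF_1_PIE), (ET_DYN, True, 0), (ET_DYN,)]:
    print(a, "->", classify_elf(build_sample(*a)))
```

Without DF_1_PIE the headers cannot separate a PIE from a library that carries its own interpreter and entry point, which is why the third sample gets the ambiguous label.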