On 09/21/2016 08:41 AM, Riku Voipio wrote:
> AFAIK Address space randomizing is not really helpful on 32 bit
> architectures - there is just not that many places to randomize to.
Well, sure, but there's still a huge difference in an exploit with
100% reliability, or an exploit that will just crash the program
in 95% of cases. Sure, if there's an easy way to repeatedly try
the exploit 20 times, it won't be a show-stopper, but it will
make the life of people who want to exploit a flaw just a tiny
> At least previously, PIE added ~10% to binary size,
At least on x86 there have been substantial improvements in
recent gcc versions when it comes to PIE support, so the impact
of PIE on executables even on 32bit is a lot smaller than it used
to be. I don't know about ARM though.
Consider the following two data points:
- A _lot_ of code in Debian is in shared libraries, which are
compiled with -fPIC anyway. Many executables only spend a
fraction of their instructions in the executable code itself.
- It's been considered best practice to enable PIE executables
if possible (via hardening=+all or similar), so many programs
in Debian (and e.g. all of my packages except one) already
use that. I suspect that a lot of code that you are
currently running is already PIE, especially in the packages
that are more actively maintained.
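As an added example (not code from this thread or from any Debian tooling), here is a small Python checker for the question raised above, whether a binary you run is already PIE: it reads the ELF header, tells an ET_EXEC (non-PIE, fixed load address) image from an ET_DYN one, and for ET_DYN distinguishes a PIE executable from a shared library by the presence of a PT_INTERP program header. The sample images are constructed inline; `classify_file` and `make_sample` are helper names assumed here.

```python
import struct

ET_EXEC, ET_DYN = 2, 3   # e_type values from the ELF specification
PT_INTERP = 3            # program header naming the dynamic loader


def classify_elf(data: bytes) -> str:
    """Return 'no-pie', 'pie', 'shared-lib' or 'other' for the ELF image in data."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    is_64 = data[4] == 2                      # EI_CLASS: 1 = ELFCLASS32, 2 = ELFCLASS64
    endian = "<" if data[5] == 1 else ">"     # EI_DATA: 1 = little-endian, 2 = big-endian
    e_type = struct.unpack_from(endian + "H", data, 16)[0]
    if e_type == ET_EXEC:
        return "no-pie"   # fixed load address: ASLR cannot relocate the main image
    if e_type != ET_DYN:
        return "other"    # relocatable object, core file, etc.
    # ET_DYN covers both PIE executables and shared libraries. A dynamically
    # linked executable carries PT_INTERP; a library does not. (A static PIE
    # also lacks PT_INTERP and would be reported as 'shared-lib' here.)
    if is_64:
        e_phoff = struct.unpack_from(endian + "Q", data, 32)[0]
        e_phentsize, e_phnum = struct.unpack_from(endian + "HH", data, 54)
    else:
        e_phoff = struct.unpack_from(endian + "I", data, 28)[0]
        e_phentsize, e_phnum = struct.unpack_from(endian + "HH", data, 42)
    for i in range(e_phnum):
        p_type = struct.unpack_from(endian + "I", data, e_phoff + i * e_phentsize)[0]
        if p_type == PT_INTERP:
            return "pie"
    return "shared-lib"


def classify_file(path: str) -> str:
    """Classify an on-disk binary, e.g. classify_file('/usr/bin/ls')."""
    with open(path, "rb") as f:
        return classify_elf(f.read())


def make_sample(e_type: int, with_interp: bool) -> bytes:
    """Constructed minimal ELF32 little-endian image (headers only, not a real binary)."""
    phdr_types = [1, PT_INTERP] if with_interp else [1]   # PT_LOAD, optionally PT_INTERP
    ident = b"\x7fELF" + bytes([1, 1, 1]) + bytes(9)      # ELFCLASS32, LE, EV_CURRENT
    # e_type, e_machine(EM_386), e_version, e_entry, e_phoff, e_shoff, e_flags,
    # e_ehsize, e_phentsize, e_phnum, e_shentsize, e_shnum, e_shstrndx
    hdr = ident + struct.pack("<HHIIIIIHHHHHH", e_type, 3, 1, 0, 52, 0, 0,
                              52, 32, len(phdr_types), 0, 0, 0)
    phdrs = b"".join(struct.pack("<I", t) + bytes(28) for t in phdr_types)
    return hdr + phdrs
```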