On Sat, Jul 11, 2009 at 12:26 AM, Jakub Jelinek <[email protected]> wrote:
> On Fri, Jul 10, 2009 at 11:29:43PM +0200, yersinia wrote: > > Ok. But prelink it or not a requisite for ASLR or not ? In other word, > > besides performance > > is disabling prelink a security matter or not ? It is not bad to have > some > > answer on this. > > ASLR happens with prelink or without. Particularly, PIEs (should be used > for most of suid/network facing or otherwise security exposed programs) are > always randomized, both the binary itself and all shared libraries it uses. > > Other than that, on prelinked system libraries are assigned random > addresses > whenever reprelinked, while when not prelinked, libraries are given random > addresses on every exec. Non-PIE binaries have always fixed address. > > Jakub > Thank a lot for your answer: this was a delicate and very interesting issue, for me almost. Best regards > > -- > fedora-devel-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/fedora-devel-list >
-- fedora-devel-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/fedora-devel-list
