On Thu, Nov 6, 2014, at 03:39 PM, David Brodsky wrote: > > So, does that mean the PIE setting only affected executables and not > libraries, perhaps? > > This is indeed the case. From the 5.0 security notes. > <http://source.android.com/devices/tech/security/enhancements50.html>: > > "Android now requires all dynamically linked executables to support PIE > (position-independent executables)."
All of our binaries are statically linked though... I think? In the end, it seems like this issue really only affects a very small amount of apps, which just happens to include Orbot (tor, polipo), StoryMaker (ffmpeg) and InformaCam (ffmpeg). > > On Thu Nov 06 2014 at 11:26:33 AM Nick Parker <[email protected]> > wrote: > > > Hi Nathan, > > > > For what its worth, running the latest SQLCipher for Android (3.2.0) > > library on the Android L preview emulator executing the test suite is > > entirely successful. I had previously submitted a screenshot of this to > > this thread however the message was not posted. > > > > On 11/6/14 1:09 PM, Nathan of Guardian wrote: > > > I finally updated my Nexus 7 to use the latest Android L/5.0 developer > > > preview ROMs > > > > > > I've updated Orbot's Makefile to support a simple command line arg for > > > enabling PIE or not: > > > https://github.com/n8fr8/orbot/commit/7f50f79b0e3ebbb0dd97845445dbb6 > > 93f3fd541c > > > > > > For PIE-enabled/Android-16 binaries: > > >> make polipo PIEFLAGS="-fPIE -pie" NDK_PLATFORM_LEVEL="16" > > > > > > For non-PIE/Android-9 through 15 binaries: > > >> make polipo PIEFLAGS="" NDK_PLATFORM_LEVEL="9" > > > > > > I can verify that if I try to run the non-PIE binaries on L, they do not > > > work. > > > > > > Now, when I decided to install Courier (securereader) and ChatSecure > > > from the Google Play store existing versions, they both installed and > > > executed perfectly. They both contain native code, but they are used as > > > shared libraries and not command line executables like with Orbot. > > > > > > So, does that mean the PIE setting only affected executables and not > > > libraries, perhaps? > > > > > > > > > > -- > > Nick Parker > > > > _______________________________________________ > > Guardian-dev mailing list > > > > Post: [email protected] > > List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev > > > > To Unsubscribe > > Send email to: [email protected] > > Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/ > > davidpbrodsky%40gmail.com > > > > You are subscribed as: [email protected] > > > _______________________________________________ > Guardian-dev mailing list > > Post: [email protected] > List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev > > To Unsubscribe > Send email to: [email protected] > Or visit: > > https://lists.mayfirst.org/mailman/options/guardian-dev/nathan%40guardianproject.info > > You are subscribed as: [email protected] -- Nathan of Guardian [email protected] _______________________________________________ Guardian-dev mailing list Post: [email protected] List info: https://lists.mayfirst.org/mailman/listinfo/guardian-dev To Unsubscribe Send email to: [email protected] Or visit: https://lists.mayfirst.org/mailman/options/guardian-dev/archive%40mail-archive.com You are subscribed as: [email protected]
