oss-sec mailing list archives
Re: Vendor adoption of PIE INFO#934476 oss-security
From: Solar Designer <solar () openwall com>
Date: Fri, 13 Mar 2015 18:05:24 +0300
On Thu, Mar 12, 2015 at 08:31:42PM -0700, Nick Kralevich wrote:
I wanted to provide a followup on this year-old thread.
Thank you!
With the release of Android 5.0, Android has removed support for non-PIE binaries [1] [2]. Attempting to run a non-PIE binary will generate an error on Android. In this way, we ensure that all binaries take full advantage of Android's ASLR implementation. This is just one of the many security enhancements added in Android 5.*, and one that I hope other Linux distributions will pick up. [1] https://source.android.com/devices/tech/security/enhancements/enhancements50.html [2] https://android.googlesource.com/platform/bionic/+/76e289c026f11126fc88841b3019fd5bb419bb67
I brought this to Twitter, and here's a comment by Rich Felker: <solardiz> Android 5.0 "has removed support for non-PIE binaries. Attempting to run a non-PIE binary will generate an error" http://www.openwall.com/lists/oss-security/2015/03/13/1 <@RichFelker> @solardiz Guess that means no emacs on Android... <@solardiz> @RichFelker Why, can't one build Emacs as PIE? <@RichFelker> @solardiz The whole dumper issue. The final emacs binary is a dump of an emacs with a lisp heap full of pointers and no relocation data. Alexander
Current thread:
- Re: Vendor adoption of PIE INFO#934476 oss-security Nick Kralevich (Mar 12)
- Re: Vendor adoption of PIE INFO#934476 oss-security Solar Designer (Mar 13)
- Re: Vendor adoption of PIE INFO#934476 oss-security Daniel Micay (Mar 13)
- Re: Vendor adoption of PIE INFO#934476 oss-security Nick Kralevich (Mar 13)
- Re: Vendor adoption of PIE INFO#934476 oss-security Daniel Micay (Mar 13)
- Re: Vendor adoption of PIE INFO#934476 oss-security Solar Designer (Mar 13)