Wireshark mailing list archives
Re: Compile with PIE
From: Balint Reczey <balint.reczey () ericsson com>
Date: Tue, 05 Jan 2010 19:38:31 +0100
Bill Meier wrote:
Stig Bjørlykke wrote:Hi, Can we build Wireshark and friends as Position-independent executables (PIE)? The attached patch seems to do this. Any objections against this patch?I've no experience with Position-independent executables; A quick search does suggest that there's a performance hit (every time the program is loaded into memory ??). For example: From: http://www.redhat.com/magazine/009jul05/features/execshield/ "Position independent code has a performance overhead on most architectures (x86-64 is the exception to this). For this reason, neither Red Hat® Enterprise Linux® nor Fedora™ Core have the entire distribution compiled as a PIE binary. Only selected, security sensitive programs are compiled as PIEs. " Thoughts ??
Recent Debian and Ubuntu packages are already built with PIE and other security related hardening options: http://wiki.debian.org/Hardening http://packages.qa.debian.org/w/wireshark/news/20091006T201929Z.html I haven't tested the speed impacts, but the packaged binaries don't seem to be noticeably slower than the svn builds. Cheers, Balint ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Compile with PIE Stig Bjørlykke (Jan 05)
- Re: Compile with PIE Bill Meier (Jan 05)
- Re: Compile with PIE Balint Reczey (Jan 05)
- Re: Compile with PIE Joerg Mayer (Jan 05)
- Re: Compile with PIE Balint Reczey (Jan 05)
- Re: Compile with PIE Bill Meier (Jan 05)