bug#18784: Coultdn't compile emacs-24.4

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#18784: Coultdn't compile emacs-24.4

From:	Stefan Monnier
Subject:	bug#18784: Coultdn't compile emacs-24.4
Date:	Mon, 16 Mar 2015 16:29:48 -0400
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/25.0.50 (gnu/linux)

> There is a long history of Emacs catching up with kernel hardening
> in this area. It started with setting ADDR_NO_RANDOMIZE via Linux
> personality(2), then setting the NORANDEXEC flag with paxctl(1) or
> setfattr(1). Now it seems that we need -nopie in addition.

But what does "-nopie" mean?  IIUC it means "do not generate PIE code",
so it is a "double-level workaround": not only it doesn't directly fix the
problem we have with randomization but it doesn't directly disable
randomization either.

If OTOH "-nopie" means "indicate that the code should not be relocated
even if it looks like it's position independent", then it's only
a "single-level workaround", like the ADDR_NO_RANDOMIZE and friends.

> My impression is that these are all workarounds that don't address the
> real issue.

AFAIK the only way to address directly the underlying issue is to use
a portable dumper.  Until then we'll have to consider address
randomization as plain bugs that we need to fix with things like
ADDR_NO_RANDOMIZE.


        Stefan "who doesn't really believe in such hardening"

[Prev in Thread]

Current Thread

[Next in Thread]

bug#18784: Coultdn't compile emacs-24.4, (continued)

Prev by Date: bug#20123: 24.4.91; Unwarranted "Unused lexical argument" for condition-case
Next by Date: bug#20117: 25.0.50; Tramp tests failing on Cygwin
Previous by thread: bug#18784: Coultdn't compile emacs-24.4
Next by thread: bug#18784: Coultdn't compile emacs-24.4
Index(es):
- Date
- Thread