
Re: Enabling PIE by default for Stretch



Hi Florian,

2016-09-30 13:22 GMT+02:00 Florian Weimer <fw@deneb.enyo.de>:
> * Niels Thykier:
>
>> As brought up on the meeting last night, I think we should try to go for
>> PIE by default in Stretch on all release architectures!
>>  * It is a substantial hardening feature
>>  * Upstream has vastly reduced the performance penalty for x86
>>  * The majority of all porters believe their release architecture is
>>    ready for it.
>>  * We have sufficient time to solve any issues or revert if it turns out
>>    to be too problematic.
>
> Do you think that PIE-by-default makes BIND_NOW-by-default
> unnecessary?

I think the thread on debian-devel would be a better place to
discuss that because more people could voice their opinion.

>
> (The argument is that with PIE, it is much more difficult to get a
> controlled GOT write.)

IMO defaulting to using bindnow to have readonly GOT is probably
worth it for two reasons:
1. There may be new attacks in the coming years making finding GOT easier
in PIE binaries.
2. On 32-bit systems PIE adds less entropy and using the same bindnow
default on all architectures is .

Cheers,
Balint
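A defender-side check for the two defaults this thread discusses, added here as an example that is not part of the mail or of Debian's own tooling: it parses a little-endian ELF64 image directly and reports whether it is PIE and whether BIND_NOW is set (which, together with a PT_GNU_RELRO segment, is what makes the GOT read-only). The sample image it builds is constructed inline; file paths and the `check_elf`/`build_sample` names are this example's own.

```python
# Report PIE and BIND_NOW/RELRO status of a little-endian ELF64 binary by parsing
# the header, program headers and dynamic section directly (no readelf needed).
# Added example for this thread, not Debian tooling. DF_1_PIE is only set by
# newer linkers, so plain ET_DYN is reported separately for older PIE builds.
import struct, sys

PT_DYNAMIC, PT_GNU_RELRO = 2, 0x6474E552
DT_NULL, DT_BIND_NOW, DT_FLAGS, DT_FLAGS_1 = 0, 24, 30, 0x6FFFFFFB
DF_BIND_NOW, DF_1_NOW, DF_1_PIE = 0x8, 0x1, 0x08000000
EHDR, PHDR = "<HHIQQQIHHHHHH", "<IIQQQQQQ"  # Elf64_Ehdr after e_ident / Elf64_Phdr

def check_elf(data):
    if data[:4] != b"\x7fELF" or data[4] != 2 or data[5] != 1:
        raise ValueError("not a little-endian ELF64 image")
    h = struct.unpack_from(EHDR, data, 16)
    e_type, phoff, phentsize, phnum = h[0], h[4], h[8], h[9]
    dyn, relro = None, False
    for i in range(phnum):  # find PT_DYNAMIC and PT_GNU_RELRO
        p = struct.unpack_from(PHDR, data, phoff + i * phentsize)
        if p[0] == PT_DYNAMIC:
            dyn = (p[2], p[2] + p[5])  # p_offset, p_offset + p_filesz
        elif p[0] == PT_GNU_RELRO:
            relro = True
    flags, flags1, bind_now_tag = 0, 0, False
    off, end = dyn or (0, 0)
    while off + 16 <= end:  # walk Elf64_Dyn {d_tag, d_val} entries to DT_NULL
        tag, val = struct.unpack_from("<QQ", data, off)
        off += 16
        if tag == DT_NULL:
            break
        flags = val if tag == DT_FLAGS else flags
        flags1 = val if tag == DT_FLAGS_1 else flags1
        bind_now_tag = bind_now_tag or tag == DT_BIND_NOW
    bind_now = bind_now_tag or bool(flags & DF_BIND_NOW) or bool(flags1 & DF_1_NOW)
    return {"pie": e_type == 3 and bool(flags1 & DF_1_PIE), "et_dyn": e_type == 3,
            "bind_now": bind_now, "relro": relro, "full_relro": relro and bind_now}

def build_sample(e_type=3, flags=DF_BIND_NOW, flags1=DF_1_NOW | DF_1_PIE, relro=True):
    """Constructed minimal ELF64 image: Ehdr, one or two Phdrs, a dynamic section."""
    dyn = struct.pack("<QQQQQQ", DT_FLAGS, flags, DT_FLAGS_1, flags1, DT_NULL, 0)
    nph, n = (2 if relro else 1), len(dyn)
    off = 64 + 56 * nph  # dynamic section follows the program header table
    ph = struct.pack(PHDR, PT_DYNAMIC, 6, off, 0, 0, n, n, 8)
    if relro:
        ph += struct.pack(PHDR, PT_GNU_RELRO, 4, off, 0, 0, n, n, 1)
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + b"\0" * 8  # ELFCLASS64, LSB, v1
    return ident + struct.pack(EHDR, e_type, 0x3E, 1, 0, 64, 0, 0, 64, 56, nph, 0, 0, 0) + ph + dyn

if __name__ == "__main__":  # python3 elf_hardening.py [binary]; no argument checks the sample
    print(check_elf(open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample()))
```

Run it against a built package's binaries to confirm that "pie" (or "et_dyn" for older toolchains) and "full_relro" are both true; a binary with "relro" but not "bind_now" still has a writable GOT during lazy binding.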

