Time to enable partial relro
David Chisnall
theraven at FreeBSD.org
Fri Aug 26 14:36:26 UTC 2016
On 26 Aug 2016, at 15:18, Warner Losh <imp at bsdimp.com> wrote:
>
> So what's the summary of why we'd want to do that? What benefit does it bring?
> Sure, other folks do it, but why?
It reduces the attack surface for code reuse attacks: non-PLT GOT entries are read-only and so can’t be manipulated by a memory safety bug. It doesn’t provide much mitigation, but it also doesn’t cost very much - some security for a negligible cost is probably a sensible thing to pick.
When combined with RTLD_NOW, it provides more hardening, but at a much more significant cost (bigger startup times - much bigger for things like OpenOffice or Firefox, some forms of interposition break, and so on). That’s still probably worth it for some things (sshd, for example).
David
More information about the freebsd-toolchain mailing list