This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: RFC: Add --enable-static-pie to build static executables as PIE
- From: "H.J. Lu" <hjl dot tools at gmail dot com>
- To: "Carlos O'Donell" <carlos at redhat dot com>
- Cc: Alan Modra <amodra at gmail dot com>, Rich Felker <dalias at libc dot org>, GNU C Library <libc-alpha at sourceware dot org>
- Date: Tue, 18 Jul 2017 06:10:26 -0700
- Subject: Re: RFC: Add --enable-static-pie to build static executables as PIE
- Authentication-results: sourceware.org; auth=none
- References: <CAMe9rOpAVyDYwe5o3S+0T96Ryeug=qHwgbQguGL4kaqJOrKViw@mail.gmail.com> <20170717222937.GQ1627@brightrain.aerifal.cx> <CAMe9rOozp6T25FzpP41S+PaWmANa955=K8hZcFagmFfoaQKgSA@mail.gmail.com> <20170718042500.GI14520@bubble.grove.modra.org> <CAMe9rOq3h1mvrLUn7CQ9vJ=NmERhr=Hb1KHu7-zkA6aKKT7WHA@mail.gmail.com> <c4629cca-3000-d7d3-28c8-d2142fcc4cfd@redhat.com>
On Tue, Jul 18, 2017 at 6:08 AM, Carlos O'Donell <carlos@redhat.com> wrote:
> On 07/18/2017 08:30 AM, H.J. Lu wrote:
>>> - What practical benefit do you get with a "static PIE"?
>>
>> A static PIE can be loaded at random address without
>> dynamic linker.
>
> This is just a restating of what it does, Alan asked what practical
> benefit it would have. What use cases do you see? Do you see us
> completely replacing non-PIE static binaries with PIE static binaries
> and then randomizing their load address to improve security?
>
Yes. That is the main use of PIE, isn't it?
--
H.J.