This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Add compiler and linker hardening after the fact

From: Jeffrey Walton <noloader at gmail dot com>
To: Binutils <binutils at sourceware dot org>
Date: Fri, 23 Mar 2012 18:30:48 -0400
Subject: Add compiler and linker hardening after the fact
Reply-to: noloader at gmail dot com

Hi All,

I'm working on a system which includes binaries (not source code)
which do not utilize hardening techniques such as -z,relro -z,now,
-z,noexecstack, -znoexecheap, and -fPIE.

Does Binutils offer a tool to set the relevant bits (assuming the
binary is not signed nor integrity checked)? I'm not sure what needs
to be done for RELRO, NOW and PIE. I know -z,noexecstack, -znoexecheap
need new sections added for PT_GNU_STACK and PT_GNU_HEAP markings (and
no-exec heaps might not be available).

Jeff

Follow-Ups:
- Re: Add compiler and linker hardening after the fact
  - From: Ian Lance Taylor

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]