This is the mail archive of the
mailing list for the glibc project.
Re: RFH: Annotating ELF binaries
- From: Florian Weimer <fweimer at redhat dot com>
- To: "Richard W.M. Jones" <rjones at redhat dot com>, Development discussions related to Fedora <devel at lists dot fedoraproject dot org>
- Cc: libc-help at sourceware dot org, binutils at sourceware dot org
- Date: Mon, 7 Nov 2016 15:28:12 +0100
- Subject: Re: RFH: Annotating ELF binaries
- Authentication-results: sourceware.org; auth=none
- References: <email@example.com> <20161104183441.GV30889@redhat.com>
On 11/04/2016 07:34 PM, Richard W.M. Jones wrote:
Also the hardening stuff often doesn't apply in safe languages, so the
tools you build around this shouldn't automatically assume
no hardening == bad; or that 'long double' or 'wchar_t' are meaningful.
Sorry, this isn't true. As long as you don't have a bytecode
interpreter (which is a very attractive target for code injection
attacks, to the degree that additional hardening may not matter at all),
even supposedly memory-safe languages have type system trapdoors, or
perhaps they do not enforce memory safety in the presence of data races.
This means that many of the hardening settings still matter.