From mboxrd@z Thu Jan 1 00:00:00 1970
Date: Tue, 6 Jun 2006 19:29:21 +0400
From: Alexey Tourbin
To: devel@altlinux.ru
Message-ID: <20060606152921.GA9823@localhost.localdomain>
Mail-Followup-To: devel@altlinux.ru
Subject: [devel] Fwd: lj_udrepper: Text Relocations
Reply-To: ALT Devel discussion list
List-Id: ALT Devel discussion list

textrelocs.html -- a rather interesting text.

----- Forwarded message from rss2mail2 -----

Text Relocations at 03-06-2006 17:50:03
http://udrepper.livejournal.com/10666.html

People treated creating DSOs with text relocations so far as a cavalier offense. The runtime automatically works around the problems the programmers are responsible for and the costs and risks are not immediately visible unless one thinks about the issue. This changed with the SELinux memory protection bits which are enabled in FC5 and later. Text relocations are a fatal flaw of a DSO or PIE and must be avoided. Since people complain that it's hard to fix the problem I've written code and wrote a little article on [0] how to fix them.

For completeness I should mention that it is possible to label DSOs so that the kernel allows text relocations. This is done using the textrel_shlib_t label. But this really never should be regarded as a solution, it's a work-around. Denying text relocations is a major security feature.
[0] http://people.redhat.com/drepper/textrelocs.html

----- End forwarded message -----