From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <led@altlinux.ru>
From: Led <led@altlinux.ru>
To: ALT Devel discussion list <devel@lists.altlinux.org>
Date: Tue, 6 Jun 2006 18:48:38 +0300
User-Agent: KMail/1.9.1
References: <20060606152921.GA9823@localhost.localdomain>
In-Reply-To: <20060606152921.GA9823@localhost.localdomain>
MIME-Version: 1.0
Content-Type: text/plain;
  charset="windows-1251"
Content-Transfer-Encoding: 8bit
Content-Disposition: inline
Message-Id: <200606061848.38573.led@altlinux.ru>
Subject: Re: [devel] Fwd: lj_udrepper: Text Relocations
X-BeenThere: devel@lists.altlinux.org
X-Mailman-Version: 2.1.7
Precedence: list
Reply-To: ALT Devel discussion list <devel@lists.altlinux.org>
List-Id: ALT Devel discussion list <devel.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/listinfo/devel>,
	<mailto:devel-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/devel>
List-Post: <mailto:devel@lists.altlinux.org>
List-Help: <mailto:devel-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/devel>,
	<mailto:devel-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Jun 2006 15:48:17 -0000
Archived-At: <http://lore.altlinux.org/devel/200606061848.38573.led@altlinux.ru/>
List-Archive: <http://lore.altlinux.org/devel/>
List-Post: <mailto:devel@altlinux.org>

В сообщении от 6 июня 2006 18:29 Alexey Tourbin написал(a):
> textrelocs.html -- довольно интересный текст.
>
>
> ----- Forwarded message from rss2mail2 -----
>
> Text Relocations at 03-06-2006 17:50:03
> http://udrepper.livejournal.com/10666.html
>    People treated creating DSOs with text relocations so far cavalier
>    offense. The runtime automatically works around the problems the
>    programmers are responsible for and the costs and risks are not
>    immediately visible unless one thinks about the issue.
>
>    This changed with the SELinux memory protection bits which are enabled
>    in FC5 and later. Text relocations are a fatal flaw of a DSO or PIE
>    and must be avoided. Since people complain that it's hard to fix the
>    problem I've written code and wrote a little article on [0] how to fix
>    them.
>
>    For completeness I should mention that it is possible to label DSOs so
>    that the kernel allows text relocations. This is done using the
>    textrel_shlib_t label. But this really never should be regarded as a
>    solution, it's a work-around. Denying text relocations is a major
>    security feature.
>
>    [0] http://people.redhat.com/drepper/textrelocs.html
>
> ----- End forwarded message -----

Ага, особенно вот это "порадовало":

"If the problem is indeed the result of hand-written assembler code the 
solution is not as simple as adding a compiler/assembler flag. The code needs 
to be rewritten. This is architecture specific and can vary widely between 
every single instance. We are not going into those details here. Find a 
person with sufficient assembly programming skills if this problem appears."

:(

-- 
Led.