From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <lakostis@altlinux.ru>
Message-ID: <28092.127.0.0.1.1149610557.squirrel@mojo.unsafe.ru>
In-Reply-To: <20060606154228.GA16175@basalt.office.altlinux.org>
References: <20060606152921.GA9823@localhost.localdomain>
	<20060606154228.GA16175@basalt.office.altlinux.org>
Date: Tue, 6 Jun 2006 20:15:57 +0400 (MSD)
From: "Konstantin A. Lepikhov" <lakostis@altlinux.ru>
To: devel@lists.altlinux.org
User-Agent: SquirrelMail/1.4.7 [CVS]
MIME-Version: 1.0
Content-Type: text/plain;charset=utf-8
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
X-AV-Checked: ClamAV using ClamSMTP
Subject: Re: [devel] Fwd: lj_udrepper: Text Relocations
X-BeenThere: devel@lists.altlinux.org
X-Mailman-Version: 2.1.7
Precedence: list
Reply-To: ALT Devel discussion list <devel@lists.altlinux.org>
List-Id: ALT Devel discussion list <devel.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/listinfo/devel>,
	<mailto:devel-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/devel>
List-Post: <mailto:devel@lists.altlinux.org>
List-Help: <mailto:devel-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/devel>,
	<mailto:devel-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Jun 2006 16:15:58 -0000
Archived-At: <http://lore.altlinux.org/devel/28092.127.0.0.1.1149610557.squirrel@mojo.unsafe.ru/>
List-Archive: <http://lore.altlinux.org/devel/>
List-Post: <mailto:devel@altlinux.org>


<цитата от="Dmitry V. Levin">
> On Tue, Jun 06, 2006 at 07:29:21PM +0400, Alexey Tourbin wrote:
>> textrelocs.html -- довольно интересный текст.
>>
>> ----- Forwarded message from rss2mail2 -----
>>
>> Text Relocations at 03-06-2006 17:50:03
>> http://udrepper.livejournal.com/10666.html
>>    People treated creating DSOs with text relocations so far cavalier
>>    offense. The runtime automatically works around the problems the
>>    programmers are responsible for and the costs and risks are not
>>    immediately visible unless one thinks about the issue.
>>
>>    This changed with the SELinux memory protection bits which are
>> enabled
>>    in FC5 and later. Text relocations are a fatal flaw of a DSO or PIE
>>    and must be avoided. Since people complain that it's hard to fix the
>>    problem I've written code and wrote a little article on [0] how to
>> fix
>>    them.
>>
>>    For completeness I should mention that it is possible to label DSOs
>> so
>>    that the kernel allows text relocations.
>
> А в некоторых ядрах эту сомнительную возможность можно отключать частично
> или совсем.
может, добавить это в altsecurity? :)

-- 
WBR et al.