Re: Security and PAX

[rhino64%epost.ch@localhost]

On Mon, Jun 15, 2015 at 09:59:34AM -0400, Christos Zoulas wrote:
> On Jun 15,  9:15am, rhino64%epost.ch@localhost (rhino64%epost.ch@localhost) wrote:
> -- Subject: Re: Security and PAX
> 
> | I will send you this info soon. Should I recompile Userland programs and libs 
> | with the parameter "-fpic".  If I remember well, it was the library 
> | "libtermcap" (from userland) which cannot be linked and the error 
> | message suggested to compile it with "-fpic".
> 
> Ah, for this link all the archive libraries into the binary you need to create
> libfoo_pic.a for each one of them like you have for libc... It is not hard
> to do, but we don't do it by default because people don't need it and it
> takes more time and space.
> 
The needed libraries are already in NetBSD and I could use them.
Hoewever, I get a new error message when I try to do manually
the link command:
----------------------------------------------------------------------------------------------
virtualisation# cc -static -Wl,-I/libexec/ld.elf_so -Wl,-pie -o zsh main.o  `cat stamp-modobjs` -lc_pic -ltermcap_pic -lrt_pic -lm_pic
ld: /usr/lib/libc.a(errx.o): relocation R_X86_64_32 against `.text' can not be used when making a shared object; recompile with -fPIC
/usr/lib/libc.a: could not read symbols: Bad value
----------------------------------------------------------------------------------------------

I don't understand well the meaning of "R_X86_64_32" since I compile 
in 64 bits (what mean "32"?) as you can see in the static version of the executable:
----------------------------------------------------------------------------------------------
virtualisation# file /usr/pkg/bin/zsh
/usr/pkg/bin/zsh: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, for NetBSD 6.1.5, stripped
----------------------------------------------------------------------------------------------