tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: ASLR and PIE

On Mon, Dec 05, 2011 at 11:15:26PM +0300, Aleksey Cheusov wrote:
> Address Space Layout Randomization was implemented in NetBSD
> years ago but all userspace utilities including daemons
> are still built without PIC (Position Independend Code).
> Was this made by intention?  If yes, can anybody please expain this
> decision?

On some platforms, ASLR in particular has a very large runtime cost
which is hard to avoid (it's not free anywhere).  Similarly, on
platforms which are register-poor, PIC is not always the best choice.

However, I have considerable experience with a NetBSD-based embedded
system which built as much as possible with PIE and ASLR.  This
revealed a number of issues which would, even if we decided to do so
immediately, make it impossible to build the whole system PIE and
run it with ASLR.  Among these are:

        1) Incompatibility of our thread library with ASLR.

        2) Incompatibility of crunchgen with object files built
           for PIE, causing /rescue to be unbuildable.

        3) Incompatibility of our debugger with PIE executables and
           with ASLR.

        4) Existence of various "private" libraries in the system
           which are built using our library build framework but
           not installed, thus making it hard to be sure you've
           caught all the libraries and made them build PIC.

There are some other problems which are not trivial to solve -- one
of them is nagging at me but I can't remember just what it was, I
will have to ask someone where I used to work to look at the changelogs
for the software in question.


Home | Main Index | Thread Index | Old Index