* -fpie or ssp (IBM stack hardening)
@ 2005-02-09 13:51 B.G. Bruce
2005-02-09 20:11 ` Jerome Brown
0 siblings, 1 reply; 3+ messages in thread
From: B.G. Bruce @ 2005-02-09 13:51 UTC (permalink / raw)
To: xen-devel
Has anyone looked into how compatible XEN is with pie (-fpie) or ssp?
Regards,
B.
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: -fpie or ssp (IBM stack hardening)
2005-02-09 20:11 ` Jerome Brown
@ 2005-02-09 20:03 ` voices
0 siblings, 0 replies; 3+ messages in thread
From: voices @ 2005-02-09 20:03 UTC (permalink / raw)
To: xen-devel
Jerome Brown wrote:
> B.G. Bruce wrote:
>
>>Has anyone looked into how compatible XEN is with pie (-fpie) or ssp?
>
Yes, I've tried it on gentoo-hardened with PIE(ET_DYN)/SSP.
I works without any problems.
But .. Is there any other purpose in compiling the system as PIE, other
than for using PaX ?
Unfortunately, nobody is porting PaX to XEN ... very bad, especially if
we're talking about secure systems.
Lack of PaX for XEN prevents me from using xen on my servers.
--
voices (at) metallicrain (dot) com
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: -fpie or ssp (IBM stack hardening)
2005-02-09 13:51 -fpie or ssp (IBM stack hardening) B.G. Bruce
@ 2005-02-09 20:11 ` Jerome Brown
2005-02-09 20:03 ` voices
0 siblings, 1 reply; 3+ messages in thread
From: Jerome Brown @ 2005-02-09 20:11 UTC (permalink / raw)
To: xen-devel
B.G. Bruce wrote:
> Has anyone looked into how compatible XEN is with pie (-fpie) or ssp?
>From memory (it has been a while since I have tried due to xorg issues)
Xen itself _will_ compile and run with ssp and pie. However the kernel
will not (this is a standard kernel 'feature' - as mentioned previously
on this list it is probably better that it doesn't).
HTH
--
Jerome Brown
Technology Architect
Hub.Net
P: +64 3 961-5116
M: +64 29 453 7663
F: +64 3 961-5129
E: jerome@hub.net.nz
W: http://www.hub.net.nz/
O: Level 4, 818 Colombo St, Christchurch, New Zealand
S: PO Box 1879, Christchurch, New Zealand
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2005-02-09 20:11 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2005-02-09 13:51 -fpie or ssp (IBM stack hardening) B.G. Bruce
2005-02-09 20:11 ` Jerome Brown
2005-02-09 20:03 ` voices
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.