https://sourceware.org/bugzilla/show_bug.cgi?id=23567
--- Comment #5 from Nick Clifton <nickc at redhat dot com> --- Hi Felix, > With -z noseparate-code I'm down to 9512 bytes. That is much better but still > more than gold produces. And looking at the binary in a hex editor still shows > a ton of padding bytes after .text and .data. Have you tried linking with -N added to the command line ? > The difference would be that those are no longer mapped as > executable, but they are not mapped as writable either. So what attack exactly > are we preventing here? Who knows. :-) I am not really a security expert. But maybe an inventive programmer could find a sequence of data values that could also be valid as instruction bytes. (Or maybe they could surreptitiously insert them into the program sources somehow). Then they might be able to use these instructions as part of an attack. > I'm not sure what security we are actually buying here. Is there documentation > about this? Probably somewhere, but I do not have any links to hand. Sorry, but this is not my area of expertise. Cheers Nick -- You are receiving this mail because: You are on the CC list for the bug. _______________________________________________ bug-binutils mailing list bug-binutils@gnu.org https://lists.gnu.org/mailman/listinfo/bug-binutils
