On Monday 23 January 2012 14:08:51 Jason A. Donenfeld wrote:
> So I recently published this: http://blog.zx2c4.com/749, a local priv
> escalation. It doesn't work on Fedora because their /bin/su is compiled
> with -pie. (They don't compile gpasswd with -pie though, so they're still
> vulnerable.) In any case, what if we made it a policy in Gentoo to compile
> *all* SUID binaries with PIE, to protect against any types of future
> attacks of this variety?
Pedantically, PIE+ASLR makes it significantly harder to exploit, not impossible.

If we could get some general performance numbers that show non-PIE vs PIE, that'd help make the case for turning PIE on by default regardless of set*id.

-mike
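A quick way to audit the policy discussed above, written as an added example rather than anything from this thread or from Gentoo's own tooling: a PIE executable is linked as ELF type ET_DYN, while a fixed-address executable is ET_EXEC, so reading e_type from the ELF header of every set-uid/set-gid file is enough to find the non-PIE ones. The helper `make_elf_header` only builds constructed header bytes for testing; paths and function names are my own.

```python
# Added example (not from the thread): find set-uid/set-gid binaries not built as PIE.
# A position-independent executable is linked as ET_DYN (e_type == 3);
# a traditional fixed-address executable is ET_EXEC (e_type == 2).
import os
import stat
import struct

ELF_MAGIC = b"\x7fELF"
ET_EXEC, ET_DYN = 2, 3


def classify_elf_bytes(header: bytes):
    """Return 'pie', 'exec' or 'other' for an ELF header, or None if not ELF."""
    if len(header) < 18 or header[:4] != ELF_MAGIC:
        return None
    endian = "<" if header[5] == 1 else ">"  # EI_DATA: 1 = little-endian, 2 = big-endian
    (e_type,) = struct.unpack(endian + "H", header[16:18])
    if e_type == ET_DYN:
        return "pie"  # shared objects are ET_DYN too, but a set-uid file is an executable
    if e_type == ET_EXEC:
        return "exec"
    return "other"  # ET_REL, ET_CORE, ...


def make_elf_header(e_type: int, little_endian: bool = True) -> bytes:
    """Build a minimal 64-byte ELF64 header with the given e_type (constructed test data)."""
    endian = "<" if little_endian else ">"
    ident = ELF_MAGIC + bytes([2, 1 if little_endian else 2, 1]) + b"\0" * 9  # e_ident[16]
    return ident + struct.pack(endian + "HH", e_type, 0x3E) + b"\0" * 44  # e_type, e_machine


def is_pie(path: str):
    with open(path, "rb") as fh:
        return classify_elf_bytes(fh.read(64))


def setuid_non_pie(root: str = "/"):
    """Yield (path, kind) for every set-uid/set-gid ELF under root linked as ET_EXEC."""
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)  # do not follow symlinks
                if not stat.S_ISREG(st.st_mode) or not st.st_mode & (stat.S_ISUID | stat.S_ISGID):
                    continue
                kind = is_pie(path)
            except OSError:
                continue  # unreadable or vanished file; skip it
            if kind == "exec":
                yield path, kind


if __name__ == "__main__":
    for path, kind in setuid_non_pie("/usr/bin"):
        print(f"{kind}\t{path}")
```

As Mike's caveat implies, ET_DYN only shows the binary was built to be relocated; the load address is randomized only when the kernel's ASLR is enabled as well.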