On Mon, Jan 23, 2012 at 23:18, Zac Medico wrote:
>
> We've got experimental support for FEATURES=xattr since
> portage-2.2.0_alpha80. We can include that in the next portage-2.1.x
> release.
>
Awesome. If possible though, let's keep the no-SUID-ever discussion for
another thread, as xattr still r
On Monday 23 January 2012 14:08:51 Jason A. Donenfeld wrote:
> So I recently published this: http://blog.zx2c4.com/749 , a local priv
> escalation. It doesn't work on Fedora because their /bin/su is compiled
> with -pie. (They don't compile gpasswd with -pie though, so they're still
> vulnerable.)
On Monday 23 January 2012 15:12:47 Francesco Riosa wrote:
> 2012/1/23 Mike Gilbert:
> > On Mon, Jan 23, 2012 at 2:57 PM, Jason A. Donenfeld wrote:
> >> To check for PIE,
> >>
> >> readelf -h /bin/su | grep Type
> >>
> >> If it says EXEC, no PIE. If it says DYN, yes PIE.
> >
> > I'm asking "how d
On Monday 23 January 2012 14:37:40 Diego Elio Pettenò wrote:
> On Mon, 23/01/2012 at 20.26 +0100, Jason A. Donenfeld wrote:
> > When ASLR is turned on, the .text section of executables compiled with
> > PIE is given a randomized base address. When ASLR is off or when PIE
> > is not us
On 01/23/2012 12:12 PM, Francesco Riosa wrote:
> 2012/1/23 Mike Gilbert:
>> On Mon, Jan 23, 2012 at 2:57 PM, Jason A. Donenfeld wrote:
>>> To check for PIE,
>>>
>>> readelf -h /bin/su | grep Type
>>>
>>> If it says EXEC, no PIE. If it says DYN, yes PIE.
>>
>> I'm asking "how does one enable PIE/A
On 01/23/2012 07:40 PM, Jason A. Donenfeld wrote:
>
> What I propose is just to /detect/ at merge-time whether or not
> there are SUID binaries that are not PIE, and if so, spit out a Q&A
> warning.
>
> That way, package maintainers could fix thing
On Monday 23 January 2012 15:00:41 Mike Gilbert wrote:
> I'm asking "how does one enable PIE/ASLR", not how to check if it is
> enabled already.
Just enable the hardened profile, which generally compiles with:
-fno-strict-overflow -fPIE -fstack-protector-all
in particular with gcc-hardenednossp you have
2012/1/23 Mike Gilbert:
> On Mon, Jan 23, 2012 at 2:57 PM, Jason A. Donenfeld wrote:
>> To check for PIE,
>>
>> readelf -h /bin/su | grep Type
>>
>> If it says EXEC, no PIE. If it says DYN, yes PIE.
>
> I'm asking "how does one enable PIE/ASLR", not how to check if it is
> enabled already.
- PIE
On Mon, Jan 23, 2012 at 03:00:41PM -0500, Mike Gilbert wrote:
> I'm asking "how does one enable PIE/ASLR", not how to check if it is
> enabled already.
Look at http://hardened.gentoo.org, the default toolchain used includes PIE,
and it also includes various other measures (like additional grSecuri
On Mon, Jan 23, 2012 at 2:57 PM, Jason A. Donenfeld wrote:
> To check for PIE,
>
> readelf -h /bin/su | grep Type
>
> If it says EXEC, no PIE. If it says DYN, yes PIE.
I'm asking "how does one enable PIE/ASLR", not how to check if it is
enabled already.
To check for PIE,
readelf -h /bin/su | grep Type
If it says EXEC, no PIE. If it says DYN, yes PIE.
--
sent from my mobile
On 1/23/12, Mike Gilbert wrote:
> On Mon, Jan 23, 2012 at 2:40 PM, Jason A. Donenfeld wrote:
>> That way, package maintainers could fix things up bit by bit, without
>> h
On Mon, 23/01/2012 at 20.40 +0100, Jason A. Donenfeld wrote:
> What I propose is just to detect at merge-time whether or not there
> are SUID binaries that are not PIE, and if so, spit out a Q&A
> warning.
>
> That way, package maintainers could fix things up bit by bit, without
>
On Mon, Jan 23, 2012 at 2:40 PM, Jason A. Donenfeld wrote:
> That way, package maintainers could fix things up bit by bit, without having
> to burden you alone with tinderbox troubles.
How do I go about testing with PIE/ASLR on my own box? Is it just some CFLAGS?
A link to some documentation wou
On Mon, Jan 23, 2012 at 20:37, Diego Elio Pettenò wrote:
>
> Stripping a compiled file of read permissions is quick, painless and
> (mostly) safe from errors. Changing the way it is compiled.. not so
> much.
>
> I'm not saying that it's not a good idea, but if we want to proceed with
> this, there
On Mon, 23/01/2012 at 20.26 +0100, Jason A. Donenfeld wrote:
> When ASLR is turned on, the .text section of executables compiled with
> PIE is given a randomized base address. When ASLR is off or when PIE
> is not used, the base address is predictable, so it's easy to find
> where to
On Mon, Jan 23, 2012 at 20:22, Diego Elio Pettenò wrote:
>
> Is it because of PIE alone or ASLR? Just curious; it doesn't make much
> difference to me.
>
When ASLR is turned on, the .text section of executables compiled with PIE
is given a randomized base address. When ASLR is off or when PIE is no
Hello Jason,
On Mon, 23/01/2012 at 20.08 +0100, Jason A. Donenfeld wrote:
> So I recently published this: http://blog.zx2c4.com/749 , a local priv
> escalation.
I've seen the news :)
> It doesn't work on Fedora because their /bin/su is compiled with
> -pie. (They don't compile gp
Hi Diego,
So I recently published this: http://blog.zx2c4.com/749 , a local priv
escalation. It doesn't work on Fedora because their /bin/su is compiled
with -pie. (They don't compile gpasswd with -pie though, so they're still
vulnerable.) In any case, what if we made it a policy in Gentoo to comp
My apologies for sending this twice to the gentoo-dev ml, but I forgot
to CC gentoo-dev-announce.
# Jorge Manuel B. S. Vicetto (22 Jan 2012)
# Mask compiz for last-rites unless someone steps up
# to maintain it. Removal in 30 days.
dev-python/compizc