<div dir="ltr"><br><div class="gmail_extra">On Sun, Mar 31, 2013 at 5:11 PM, Richard W.M. Jones <span dir="ltr"><<a href="mailto:rjones@redhat.com" target="_blank">rjones@redhat.com</a>></span> wrote:<br><div class="gmail_quote">
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div>On Sun, Mar 31, 2013 at 01:09:36AM +0100, Kevin Kofler wrote:<br>
> Dhiru Kholia wrote:<br>
> > Any feedback is welcome!<br>
><br>
> My proposal: build ALL packages in Fedora with not only -fPIE and RELRO, but<br>
> also -fstack-protector-all (which is not included in the current hardened<br>
> cflags). Also get rid of prelink which reduces the effectiveness of ASLR.<br>
> Then drop SELinux which becomes obsolete if the executables cannot be<br>
> exploited in the first place. (It only papers over the real problem.)<br>
<br>
</div>I know you're trolling here, but there are some misconceptions that<br>
should be corrected:<br>
<br>
(1) -fstack-protector{,-all} doesn't implement full bounds checking<br>
for every C object.<br>
<br>
(2) SELinux controls what labelled resources a process can access.<br>
This covers far more than buffer overflows in C programs. It covers<br>
other programming languages, design flaws and implementation 'thinko's<br>
of all sorts. I would argue (separate from this) that it's good to<br>
define precisely what resources a program can access, rather than the<br>
default "access just about everything".<br>
<br>
However prelink does reduce the effectiveness of ASLR (a bit). See<br>
<a href="http://lwn.net/Articles/341440/" target="_blank">http://lwn.net/Articles/341440/</a> and follow-up conversation.<br>
<div><br></div></blockquote><div style>Probably something had changed in the last years. I have posted the same question, or related, some time ago</div><div style><a href="http://www.redhat.com/archives/rhl-devel-list/2009-July/msg00674.html">http://www.redhat.com/archives/rhl-devel-list/2009-July/msg00674.html</a></div>
<div style> </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex"><div><br></div></blockquote></div></div>
</div>