prelink: is it worth it?
Jakub Jelinek
jakub at redhat.com
Fri Jul 10 22:26:24 UTC 2009
On Fri, Jul 10, 2009 at 11:29:43PM +0200, yersinia wrote:
> Ok. But prelink it or not a requisite for ASLR or not ? In other word,
> besides performance
> is disabling prelink a security matter or not ? It is not bad to have some
> answer on this.
ASLR happens with prelink or without. Particularly, PIEs (should be used
for most of suid/network facing or otherwise security exposed programs) are
always randomized, both the binary itself and all shared libraries it uses.
Other than that, on prelinked system libraries are assigned random addresses
whenever reprelinked, while when not prelinked, libraries are given random
addresses on every exec. Non-PIE binaries have always fixed address.
Jakub
More information about the devel
mailing list