How to manage libraries with no stack canary
Antonio Trande
anto.trande at gmail.com
Sun Nov 1 15:23:27 UTC 2015
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hi all,
current WildMagic5 (http://www.geometrictools.com/) libraries, rebuilt
with flags for hardened builds
(https://fedoraproject.org/wiki/Changes/Harden_All_Packages), are:
# checksec --dir /usr/lib64 | grep Wm5
Full RELRO No canary found NX enabled DSO No
RPATH No RUNPATH /usr/lib64/libWm5Applications.so.5.13
Full RELRO Canary found NX enabled DSO No
RPATH No RUNPATH /usr/lib64/libWm5Core.so.5.13
Full RELRO Canary found NX enabled DSO No
RPATH No RUNPATH /usr/lib64/libWm5Graphics.so.5.13
Full RELRO Canary found NX enabled DSO No
RPATH No RUNPATH /usr/lib64/libWm5Imagics.so.5.13
Full RELRO Canary found NX enabled DSO No
RPATH No RUNPATH /usr/lib64/libWm5Mathematics.so.5.13
Full RELRO Canary found NX enabled DSO No
RPATH No RUNPATH /usr/lib64/libWm5Physics.so.5.13
Samples executable files are tagged with noPIE: http://fpaste.org/285748/
I don't know how to manage the file with "No canary found" supposing
that i have added all flags correctly.
SPEC file: http://fpaste.org/285749/
Scratch build on F22:
http://koji.fedoraproject.org/koji/taskinfo?taskID=11666621
- --
Antonio Trande
mailto: sagitter 'at' fedoraproject 'dot' org
http://fedoraos.wordpress.com/
https://fedoraproject.org/wiki/User:Sagitter
GPG Key: 0x565E653C
Check on https://keys.fedoraproject.org/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCAAGBQJWNi5qAAoJEF5tK7VWXmU8BOoH/igVYj/2+T7LH0tYpmS2BCNm
KEsm5Yh2dTdb06qe+64dxYUYhP4kcS2BSSXrb0QNxpl/c/5xGiy+lgzkwXgfdWUA
W8q5GR6lsmhqQxFssM9BPONKMM2/+MGwfMc3xS91C5V7G6vIegYAxdNOSBoQwDyy
qYa1SUVGxrw2FgWBQ9hcWe6Dh1vS+TcAn7XKU52HtSQHpsMxJUz9S84qBPHhOxf0
yH8jvE7zio6kSXyPSFv72HKYecJC2wuXBNF3pEKqVL3mukYT0I1uaQAcXocxuuMp
rimWFblKU2uk9ScnZ1WchkznRSswS0EL8IH3w4FMYD532mppmmvhXmSG1IfAGHY=
=97xg
-----END PGP SIGNATURE-----
More information about the devel
mailing list