From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-dev+bounces-49543-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1RpQ4w-0002Cg-2D
	for garchives@archives.gentoo.org; Mon, 23 Jan 2012 20:01:26 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id AED98E0BC2;
	Mon, 23 Jan 2012 20:01:13 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	by pigeon.gentoo.org (Postfix) with ESMTP id 8FBD6E0AC1
	for <gentoo-dev@lists.gentoo.org>; Mon, 23 Jan 2012 20:00:43 +0000 (UTC)
Received: from mail-pz0-f53.google.com (mail-pz0-f53.google.com [209.85.210.53])
	(using TLSv1 with cipher RC4-SHA (128/128 bits))
	(No client certificate requested)
	(Authenticated sender: floppym)
	by smtp.gentoo.org (Postfix) with ESMTPSA id 0E1871B4008
	for <gentoo-dev@lists.gentoo.org>; Mon, 23 Jan 2012 20:00:43 +0000 (UTC)
Received: by dadv6 with SMTP id v6so1695546dad.40
        for <gentoo-dev@lists.gentoo.org>; Mon, 23 Jan 2012 12:00:41 -0800 (PST)
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
MIME-Version: 1.0
Received: by 10.68.72.198 with SMTP id f6mr24367422pbv.6.1327348841799; Mon,
 23 Jan 2012 12:00:41 -0800 (PST)
Received: by 10.142.132.3 with HTTP; Mon, 23 Jan 2012 12:00:41 -0800 (PST)
In-Reply-To: <CAHmME9q9L1n5yyX4MevnM3aVw6mGxCxgB94OchAL4sONtV90Ag@mail.gmail.com>
References: <CAHmME9oDzehZRbOM90u4viQa+xQuHQGyZfcvtqY-8JEWfDSUdA@mail.gmail.com>
	<1327346549.60706.35.camel@titan.home.flameeyes.eu>
	<CAHmME9q1-C3i35G3rWjpiSS5+S-MLKeLfhiA_X_DyOVCv0WH+Q@mail.gmail.com>
	<1327347460.60706.44.camel@titan.home.flameeyes.eu>
	<CAHmME9r_7J8+6jLK+Fc36F8XiMny6pmaL7E3n4DfOtoFTrj4pQ@mail.gmail.com>
	<CAJ0EP40fFda0P7crD6_UAjXBr-1dioxbVv5cqoV3fNaBCOQ7OA@mail.gmail.com>
	<CAHmME9q9L1n5yyX4MevnM3aVw6mGxCxgB94OchAL4sONtV90Ag@mail.gmail.com>
Date: Mon, 23 Jan 2012 15:00:41 -0500
Message-ID: <CAJ0EP42C2e9ggiWAa7+JKvy73b5SWgbaa81m247b=f54aaObUQ@mail.gmail.com>
Subject: Re: [gentoo-dev] Re: Can we get PIE on all SUID binaries by default,
 por favor?
From: Mike Gilbert <floppym@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Content-Type: text/plain; charset=UTF-8
X-Archives-Salt: 148ac13d-26c3-4d90-8363-f07484e0ac33
X-Archives-Hash: 8a1ac0a0fb0e15bf24d98feeb45cb271

On Mon, Jan 23, 2012 at 2:57 PM, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> To check for PIE,
>
> readelf -h /bin/su | grep Type
>
> If it says EXEC, no PIE. If it says DYN, yes PIE.

I'm asking "how does one enable PIE/ASLR", not how to check if it is
enabled already.