From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1NOJez-0004Xe-TP for garchives@archives.gentoo.org; Fri, 25 Dec 2009 23:33:30 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 0CC51E085A; Fri, 25 Dec 2009 23:31:33 +0000 (UTC) Received: from r00tworld.com (r00tworld.com [212.85.137.21]) by pigeon.gentoo.org (Postfix) with ESMTP id A294CE085A for ; Fri, 25 Dec 2009 23:31:32 +0000 (UTC) Received: from localhost (localhost.localdomain [127.0.0.1]) by r00tworld.com (8.13.1/8.13.1) with ESMTP id nBPNVNrv012244; Sat, 26 Dec 2009 00:31:23 +0100 Received: from r00tworld.com ([127.0.0.1]) by localhost (r00tworld.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 02984-08; Sat, 26 Dec 2009 00:31:21 +0100 (CET) Received: from [192.168.1.14] (x.r00tworld.com [212.85.137.21]) by r00tworld.com (8.13.1/8.13.1) with ESMTP id nBPNVGRO012235 (version=TLSv1/SSLv3 cipher=DES-CBC3-SHA bits=168 verify=NO); Sat, 26 Dec 2009 00:31:16 +0100 From: pageexec@freemail.hu To: tinhat@opensource.dyc.edu, gentoo-hardened@lists.gentoo.org, hardened-dev@gentoo.org Date: Sat, 26 Dec 2009 00:31:11 +0200 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-hardened@lists.gentoo.org Reply-to: gentoo-hardened@lists.gentoo.org MIME-Version: 1.0 Subject: Re: [gentoo-hardened] Tin Hat 20091218 is out! Message-ID: <4B354B3F.22330.7D30C17@pageexec.freemail.hu> Priority: normal In-reply-to: <4B2F8880.7080707@opensource.dyc.edu> References: <4B2F8880.7080707@opensource.dyc.edu> X-mailer: Pegasus Mail for Windows (4.51) Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Content-description: Mail message body X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-2.1.12 (r00tworld.com [212.85.137.21]); Sat, 26 Dec 2009 00:31:17 +0100 (CET) X-Virus-Scanned: r00tworld Anti-Virus System X-Archives-Salt: ebeb33d7-aea1-4b56-8539-cf679a2d0df7 X-Archives-Hash: 357fa4d83b16e01c8e557143ef899c61 On 21 Dec 2009 at 9:38, basile wrote: > Tobias Klein from trapkit.de was kind enough to allow us to bundle his > checksec.sh script which tests system binaries or running processes for > relro, ssp, nx, pie and aslr. Every binary shows these hardening > features enabled except X and evolution which have only partial relro. > A comparison of a running Tin Hat system and a running Ubuntu system can > be see at > > http://opensource.dyc.edu/sites/default/files/karmic-checksec.txt > http://opensource.dyc.edu/sites/default/files/tinhat-checksec.txt what are the causes for the partial RELRO results?