* Re: [gentoo-user] Canary Pies
@ 2017-12-17 14:42 99% ` Michael Orlitzky
0 siblings, 0 replies; 1+ results
From: Michael Orlitzky @ 2017-12-17 14:42 UTC (permalink / raw
To: gentoo-user
On 12/16/2017 10:43 PM, tuxic@posteo.de wrote:
> Hi,
>
> Currently I am scanning directories of my system with checksec to
> identify relevant files of haveing "No PIE" or "No canary found" set.
>
> Is there any technical reason for which such files cannot be compiled
> in a way so they have "PIE" and "Canary found" set ?
Some packages with hand-written assembly will fail to compile with the
stack-smashing protection enabled. That should be rare, though. For PIE
I'm not sure.
> How "dangerous" is that ?
Not very, but it depends on the package. If it's a game, who cares. If
it's a library used by firefox, you probably want the extra protection.
^ permalink raw reply [relevance 99%]
Results 1-1 of 1 | reverse | options above
-- pct% links below jump to the message on this page, permalinks otherwise --
2017-12-17 3:43 [gentoo-user] Canary Pies tuxic
2017-12-17 14:42 99% ` Michael Orlitzky
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox