[devel] Fwd: lj_udrepper: Text Relocations

[Led]

В сообщении от 6 июня 2006 18:29 Alexey Tourbin написал(a):
> textrelocs.html -- довольно интересный текст.
>
>
> ----- Forwarded message from rss2mail2 -----
>
> Text Relocations at 03-06-2006 17:50:03
> http://udrepper.livejournal.com/10666.html
>    People treated creating DSOs with text relocations so far cavalier
>    offense. The runtime automatically works around the problems the
>    programmers are responsible for and the costs and risks are not
>    immediately visible unless one thinks about the issue.
>
>    This changed with the SELinux memory protection bits which are enabled
>    in FC5 and later. Text relocations are a fatal flaw of a DSO or PIE
>    and must be avoided. Since people complain that it's hard to fix the
>    problem I've written code and wrote a little article on [0] how to fix
>    them.
>
>    For completeness I should mention that it is possible to label DSOs so
>    that the kernel allows text relocations. This is done using the
>    textrel_shlib_t label. But this really never should be regarded as a
>    solution, it's a work-around. Denying text relocations is a major
>    security feature.
>
>    [0] http://people.redhat.com/drepper/textrelocs.html
>
> ----- End forwarded message -----

Ага, особенно вот это "порадовало":

"If the problem is indeed the result of hand-written assembler code the 
solution is not as simple as adding a compiler/assembler flag. The code needs 
to be rewritten. This is architecture specific and can vary widely between 
every single instance. We are not going into those details here. Find a 
person with sufficient assembly programming skills if this problem appears."

:(

-- 
Led.