[Bug 507744] [NEW] build with PIE to gain remaining ASLR support
Kees Cook
kees at ubuntu.com
Fri Jan 15 01:21:37 UTC 2010
Public bug reported:
Binary package hint: xulrunner-1.9.1
The xulrunner stub used to build firefox is still non-relocatable, so a
portion of the firefox memory image is predictable. As part of the
security team workitems, firefox should be built PIE. There are no
performance regressions, as tested by a javascript performance tool:
http://dromaeo.com/?id=85736,85789,85802,85818
First two are stock firefox, second two are PIE firefox.
Attaching branches that implement PIE via hardening-wrapper. I
attempted to use hardening-includes, but something in the build does not
correctly respect CFLAGS, CXXFLAGS, or LDFLAGS defined in the
debian/rules file.
** Affects: firefox-3.5 (Ubuntu)
Importance: Undecided
Status: New
** Affects: xulrunner-1.9.1 (Ubuntu)
Importance: Undecided
Status: New
** Also affects: firefox-3.5 (Ubuntu)
Importance: Undecided
Status: New
--
build with PIE to gain remaining ASLR support
https://bugs.launchpad.net/bugs/507744
You received this bug notification because you are a member of Mozilla
Bugs, which is subscribed to xulrunner-1.9.1 in ubuntu.
More information about the Ubuntu-mozillateam-bugs
mailing list