Changeset c49c1fb for chapter08/gcc.xml


Ignore:
Timestamp:
09/11/2022 10:30:10 PM (20 months ago)
Author:
Thomas Trepl (Moody) <thomas@…>
Branches:
multilib
Children:
c1a6423d
Parents:
530771a (diff), e5e442c (diff)
Note: this is a merge changeset, the changes displayed below correspond to the merge itself.
Use the (diff) links above to see all the changes relative to each parent.
Message:

Automatic merge of trunk into multilib

File:
1 edited

Legend:

Unmodified
Added
Removed

  • chapter08/gcc.xml

    r530771a rc49c1fb  
    125125    </variablelist>
    126126
    127     <note id="pie-ssp-info" xreflabel="note on PIE and SSP">
     127    <note>
     128      <anchor id="pie-ssp-info" xreflabel="note on PIE and SSP"/>
    128129      <para>
    129         PIE (position independent executable) is a technique to produce
    130         binary programs that can be loaded anywhere in memory. Together
    131         with a feature named ASLR (Address Space Layout Randomization),
    132         this allows programs to never have the same memory layout,
    133         thus defeating attacks based on reproducible memory patterns.
     130        PIE (position-independent executable) is a technique to produce
     131        binary programs that can be loaded anywhere in memory.  Without PIE,
     132        the security feature named ASLR (Address Space Layout Randomization)
     133        can be applied for the shared libraries, but not the exectutable
     134        itself.  Enabling PIE allows ASLR for the executables in addition to
     135        the shared libraries, and mitigates some attacks based on fixed
     136        addresses of sensitive code or data in the executables.
    134137      </para>
    135138      <para>
     
    137140        that the parameter stack is not corrupted. Stack corruption can
    138141        for example alter the return address of a subroutine,
    139         which would allow transferring control to an attacker program instead
    140         of the original one.
     142        which would allow transferring control to some dangerous code
     143        (existing in the program or shared libraries, or injected by the
     144        attacker somehow) instead of the original one.
    141145      </para>
    142146    </note>
     
    148152    <important>
    149153      <para>In this section, the test suite for GCC is considered
    150       important, but it takes a long time. First time builders are 
     154      important, but it takes a long time. First time builders are
    151155      encouraged to not skip it.  The time to run the tests can be
    152156      reduced significantly by adding -jx to the make command below
Note: See TracChangeset for help on using the changeset viewer.