TIL @firefox doesn't ship PIE binaries 'cos of shit desktop env file managers that consider PIE non-executable.https://bugzilla.mozilla.org/show_bug.cgi?id=1076892 …
-
-
Have you seen what they do on Android? They haphazardly monkey patch libc so they can do lazy loading via access violations.
-
Imagine how much better SW would be forced to be if hardened Linux made access violations raise SIGKILL instead of SIGSEGV.
-
PaX does that for NX violations as part of PAGEEXEC (was originally software NX for i386), but not for other forms of SIGSEGV.
-
Firefox is the only application I've ever seen requiring exceptions from PAGEEXEC, and it has needed them for multiple reasons.
-
Presumably there's a switch to turn off all this cruft at build time? I can't imagine how
@alpinelinux's FF would work w/out. -
Distributions using PaX/grsecurity set PaX exceptions on executables to control the userspace hardening features.
-
I mean all their dynamic linking hacking is almost certainly specific to glibc's dynamic linker, not portable.
-
And of course also Bionic's, separately.
- 3 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.