Lion sandboxing (was: RE: efence patch for darwin)
Jeff Johnson
n3npq at mac.com
Thu Apr 28 07:42:45 PDT 2011
On Apr 28, 2011, at 10:34 AM, Vincent wrote:
> On 26 Apr 2011 at 16:15, Jeff Johnson wrote:
>
>> And I'm still patiently waiting to see Lion "sandboxing" on my lappie ...
>
> In the man page of ld, I see this:
>
> -pie This makes a special kind of main executable that is position independent (PIE). On Mac OS X 10.5 and later, the OS will load a PIE at a random address each time it is executed. You cannot create a PIE from .o files compiled with -mdynamic-no-pic. That means the codegen is less optimal, but the address randomization adds some security. When targeting Mac OS X 10.7 or later PIE is the default for x86_64 main executables.
>
Yes ... but ...
In ELF, recent (4 or more years ago) changes for PIE executables have made
certain voodoo rearrangements of loader sections so that hardware-enforced
PROT_READ memory mappings can prevent some very subtle buffer overrun exploits
across executable sections.
I haven't a clue whether mach-o != elf has any benefit from PIE executables though.
Meanwhile sandboxing -- the latest Newer! Better! Bestest! BUZZ! BUZZ! BUZZ! --
is usually a different and more complex implementation. PIE per se provides
no isolation whatsoever; it merely stirs the bit soup so that additional data
becomes read-only.
> I don't know if it helps…
>
> 73 from Vince (was f5rcs)
;-)
73 de Jeff
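As an added example (not code from this thread, from MacPorts, or from Apple): a small Python checker that reads an executable header and reports whether the image is PIE and, for ELF, whether it carries a PT_GNU_RELRO segment, which is the ELF "read-only after relocation" mechanism behind the loader-section rearrangement described above. It handles only thin little-endian ELF64 and Mach-O images; the sample headers it inspects are constructed inline.

```python
import struct

ET_DYN = 3                 # ELF e_type shared by shared objects and PIE executables
PT_GNU_RELRO = 0x6474E552  # ELF segment the loader remaps PROT_READ after relocation
MH_MAGIC = 0xFEEDFACE      # Mach-O 32-bit magic (as read on a little-endian host)
MH_MAGIC_64 = 0xFEEDFACF   # Mach-O 64-bit magic
MH_PIE = 0x200000          # Mach-O header flag that `ld -pie` sets

def inspect_elf(data):
    """Return (is_pie, has_relro) for an ELF64 little-endian image."""
    if data[4] != 2 or data[5] != 1:
        raise ValueError("only ELF64 little-endian is handled here")
    e_type, = struct.unpack_from("<H", data, 16)
    e_phoff, = struct.unpack_from("<Q", data, 32)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    # Walk the program header table looking for the RELRO segment.
    p_types = [struct.unpack_from("<I", data, e_phoff + i * e_phentsize)[0]
               for i in range(e_phnum)]
    return e_type == ET_DYN, PT_GNU_RELRO in p_types

def inspect_macho(data):
    """Return (is_pie, None): Mach-O records PIE as a header flag and has no RELRO segment."""
    flags, = struct.unpack_from("<I", data, 24)  # flags sit at offset 24 in both header sizes
    return bool(flags & MH_PIE), None

def inspect_binary(data):
    """Dispatch on the magic number and report the hardening state as a dict."""
    if data[:4] == b"\x7fELF":
        pie, relro = inspect_elf(data)
        return {"format": "ELF", "pie": pie, "relro": relro}
    magic, = struct.unpack_from("<I", data, 0)
    if magic in (MH_MAGIC, MH_MAGIC_64):
        pie, relro = inspect_macho(data)
        return {"format": "Mach-O", "pie": pie, "relro": relro}
    raise ValueError("not an ELF or Mach-O image")

def make_elf(e_type, with_relro):
    """Constructed sample: 64-byte ELF64 header plus an optional PT_GNU_RELRO program header."""
    ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8)
    hdr = ident + struct.pack("<HHIQQQIHHHHHH", e_type, 0x3E, 1, 0, 64, 0, 0,
                              64, 56, int(with_relro), 64, 0, 0)
    if with_relro:
        hdr += struct.pack("<IIQQQQQQ", PT_GNU_RELRO, 4, 0, 0, 0, 0, 0, 1)
    return hdr

# Constructed sample: Mach-O 64 header for an x86_64 MH_EXECUTE with MH_PIE set.
SAMPLE_MACHO_PIE = struct.pack("<IiiIIIII", MH_MAGIC_64, 0x01000007, 3, 2, 0, 0, MH_PIE, 0)

if __name__ == "__main__":
    print(inspect_binary(make_elf(ET_DYN, True)), inspect_binary(SAMPLE_MACHO_PIE))
```

To inspect a real binary, pass the result of `open(path, "rb").read()` to `inspect_binary`; fat (universal) Mach-O files start with a different magic and are rejected.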