Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8234809

set relro in linker flags when building with gcc

XMLWordPrintable

    • b25
    • generic
    • linux

        relro is recommended as a binary hardening technique.
        See
        https://wiki.debian.org/Hardening
        "During program load, several ELF memory sections need to be written to by the linker, but can be turned read-only before turning over control to the program. This prevents some GOT (and .dtors) overwrite attacks, but at least the part of the GOT used by the dynamic linker (.got.plt) is still vulnerable."

        Currently this link flag is already set for libjvm, however not for other binaries.

              mbaesken Matthias Baesken
              mbaesken Matthias Baesken
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: