Crystal: Adding a flag to make available security hardening in compiled executables
Crystal 0.25.0 [7fb783f7a] (2018-06-11)
LLVM: 4.0.0
Default target: x86_64-unknown-linux-gnu
OS: Debian 9
Any generated executable is affected.
bash &> hardening-check ./executable
./executable:
Position Independent Executable: yes
Stack protected: no, not found!
Fortify Source functions: no, only unprotected functions found!
Read-only relocations: yes
Immediate binding: no, not found!
Most of the flags are not enabled, this is te output of a --release build.
Zenohate
All 4 comments
Sorry, you probably know what you're talking about but we have no clue. Please add more details or at least documentation references. Thanks.
ysbaddaden
on 12 Aug 2018
I am talking about protection from stack smashing and similar attacks as well as attacks on link-time behaviour of compiled softwares.
For stack protection, there is the class used in the C++ LLVM documentation:
The rest is about the relocations for dynamically linked libraries happening at the start of the executable and for the relocation tables to be marked as read only after that. This prevents modifications of the behaviour of an executable while it is running.
Zenohate
on 16 Sep 2018
For stack protection, there is the class used in the C++ LLVM documentation:
You forgot to put the class...
refi64
on 16 Sep 2018
You forgot to put the class
I was dumber, the link text was a space
Zenohate
on 16 Sep 2018
Related issues
ArthurZ
路
3Comments
RX14
路
3Comments
cjgajard
路
3Comments
asterite
路
3Comments
will
路
3Comments
Most helpful comment
Sorry, you probably know what you're talking about but we have no clue. Please add more details or at least documentation references. Thanks.