Re: PostgreSQL and ASLR on Linux - Mailing list pgsql-hackers

From Andres Freund
Subject Re: PostgreSQL and ASLR on Linux
Date
Msg-id 20130805011010.GB18140@alap2.anarazel.de
In response to Re: PostgreSQL and ASLR on Linux  (Robert Haas <robertmhaas@gmail.com>)
List pgsql-hackers
On 2013-08-04 21:07:02 -0400, Robert Haas wrote:
> On Sun, Aug 4, 2013 at 8:54 PM, Andres Freund <andres@2ndquadrant.com> wrote:
> >> AFAIK you've got it backwards: ASLR is something that happens
> >> automatically, unless you take steps to suppress it, at least on MacOS
> >> X.  I not long ago built with EXEC_BACKEND on that platform and found
> >> that it broke stuff until I disabled ASLR.
> >
> > ASLR for code can only happen if code is built as position independent
> > code, otherwise addresses are hardcoded. That is - in modern unixoid
> > systems - nearly always the case for shared libraries et al, but not
> > necessarily for plain binaries or statically linked code. The above
> > referenced -fPIC and -pie make the code/executable position independent.
> 
> Ah, for code, yeah, I suppose that would be true.  In the case I
> mentioned though, it definitely seemed that other things were
> moving around each time through, particularly the stack.

Oh, yes. Those just don't require PIE executables, so you can see the
problem independently and to my knowledge their price is far lower.

I personally think that that property/requirement of EXEC_BACKEND is
going to come from behind and bite us hard...

Greetings,

Andres Freund

--
Andres Freund                       http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services
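
An added example, not part of the original message or of the PostgreSQL source: whether a binary's code can be relocated at all, as the quoted text says of -fPIC and -pie builds, is recorded in the ELF header's `e_type` field, which this C code reads. The function names and the sample headers are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical names, chosen for this example only. */
enum code_aslr { NOT_ELF, FIXED_ADDRESS, POSITION_INDEPENDENT, OTHER_ELF };

/* e_type sits at byte offset 16 in both ELF32 and ELF64 headers;
 * EI_DATA (byte 5) gives its byte order: 1 = little, 2 = big endian. */
enum code_aslr classify_elf(const unsigned char *buf, size_t len)
{
    if (len < 18 || memcmp(buf, "\x7f" "ELF", 4) != 0)
        return NOT_ELF;
    uint16_t e_type;
    if (buf[5] == 1)
        e_type = (uint16_t)(buf[16] | (buf[17] << 8));
    else if (buf[5] == 2)
        e_type = (uint16_t)((buf[16] << 8) | buf[17]);
    else
        return NOT_ELF;                   /* invalid EI_DATA */
    switch (e_type) {
    case 2:  return FIXED_ADDRESS;        /* ET_EXEC: linked at a fixed address */
    case 3:  return POSITION_INDEPENDENT; /* ET_DYN: -pie executable or shared library */
    default: return OTHER_ELF;            /* relocatable object, core file, ... */
    }
}

/* Read the first 18 bytes of a file on disk and classify it. */
enum code_aslr classify_file(const char *path)
{
    unsigned char hdr[18];
    FILE *f = fopen(path, "rb");
    if (!f)
        return NOT_ELF;
    size_t n = fread(hdr, 1, sizeof hdr, f);
    fclose(f);
    return classify_elf(hdr, n);
}

/* Constructed sample headers (not taken from any real binary). */
const unsigned char sample_exec[18] = {0x7f,'E','L','F',2,1,1,0, 0,0,0,0,0,0,0,0, 2,0};
const unsigned char sample_pie[18]  = {0x7f,'E','L','F',2,1,1,0, 0,0,0,0,0,0,0,0, 3,0};
const unsigned char sample_be[18]   = {0x7f,'E','L','F',1,2,1,0, 0,0,0,0,0,0,0,0, 0,3};

int main(int argc, char **argv)
{
    static const char *names[] = {"not ELF", "fixed address (no code ASLR)",
                                  "position independent", "other ELF type"};
    const char *path = argc > 1 ? argv[1] : "/proc/self/exe";
    printf("%s: %s\n", path, names[classify_file(path)]);
    return 0;
}
```

Stack and heap placement are not described by this field, which matches the point in the reply that those move without a PIE executable.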


