Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8234809

set relro in linker flags when building with gcc

    Details

    • Subcomponent:
    • Resolved In Build:
      b25
    • CPU:
      generic
    • OS:
      linux

      Backports

        Description

        relro is recommended as a binary hardening technique.
        See
        https://wiki.debian.org/Hardening
        "During program load, several ELF memory sections need to be written to by the linker, but can be turned read-only before turning over control to the program. This prevents some GOT (and .dtors) overwrite attacks, but at least the part of the GOT used by the dynamic linker (.got.plt) is still vulnerable."

        Currently this link flag is already set for libjvm, however not for other binaries.

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  mbaesken Matthias Baesken
                  Reporter:
                  mbaesken Matthias Baesken
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  1 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: