Project

General

Profile

Actions
Copy link

Feature #1527

closed
SW AG

Add ability to compile as a Position-Independent Executable (PIE)

Feature #1527: Add ability to compile as a Position-Independent Executable (PIE)

Added by Shawn Webb almost 11 years ago. Updated over 10 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Alexander Gozman
Target version:
3.0RC1
Effort:
Difficulty:
Label:

Description

In order to apply ASLR fully to Suricata, Suricata needs to be able to compile as a Position-Independent Executable (PIE). It seems that simply adding -fPIE to CFLAGS/CXXFLAGS and -pie to LDFLAGS doesn't work as that will cause a linking failure with util-time. I would suggest adding an --enable-pie flag to autoconf that will add those CFLAGS/CXXFLAGS/LDFLAGS to the right spots.

I've tried to use those flags myself. I'm running HardenedBSD 11-CURRENT/amd64. Here's a log of the build of my build attempt with the custom flags: http://ix.io/keX

Files

Download all files
2016-01-12_suricata-3.0.r3.log (329 KB) 2016-01-12_suricata-3.0.r3.log Build log Shawn Webb, 01/12/2016 07:40 AM
suricata-3.0.r3.log (336 KB) suricata-3.0.r3.log Alexander Gozman, 01/13/2016 06:38 AM
Actions
Copy link

Also available in: PDF Atom