This is the mail archive of the
binutils@sources.redhat.com
mailing list for the binutils project.
Re: [PATCH] ELF section to segment mapping adjustments
- From: Ian Lance Taylor <ian at airs dot com>
- To: "Jan Beulich" <JBeulich at novell dot com>
- Cc: <binutils at sources dot redhat dot com>
- Date: 10 May 2005 12:05:23 -0400
- Subject: Re: [PATCH] ELF section to segment mapping adjustments
- References: <s280e191.021@emea1-mh.id2.novell.com>
"Jan Beulich" <JBeulich@novell.com> writes:
> >>> Ian Lance Taylor <ian@airs.com> 10.05.05 17:12:55 >>>
> >"Jan Beulich" <JBeulich@novell.com> writes:
> >
> >> Shouldn't the executable permission be handled like the writeable one, i.e.
> >> attempting to not merge sections with different permissions into one
> >> segment?
> >
> >If we break a segment to avoid merging a non-executable section with
> >an executable section, then we will wind up putting .text and .rodata
> >into different segments. We don't want to do that in the normal case.
>
> I understand that's been the traditional behavior, but I don't know
> why exactly this is happening (except for space saving
> reasons). With attempts in various places to close holes where one
> can execute stuff in memory that shouldn't really be executed, it'd
> seem to me that more enforcement in this area would be quite
> reasonable to expect...
Those holes are related to writable memory. It would be a big mistake
to merge a writable section with an executable section and thus make
the segment writable. But it does no harm to have read-only data
mixed into an executable segment. Sure, the person doing the link
could put then execute data which is in the .rodata section. But they
can already put that same data into the .text section, so there is no
additional vulnerability.
Saving space is less important than security, but it is not of
neglible importance.
Ian