On Wed, Aug 09, 2017 at 02:49:06PM +0000, 慕 冬亮 wrote:
>
> On 08/09/2017 10:31 AM, Thomas Schmitt wrote:
> > Hi,
> >
> > 慕 冬亮 <mudonglianga...@hotmail.com> wrote:
> >> When does Debian Team, or Security Team decide to enable PIE by default?
> > I guess it was one year ago. At least that's the dates one can see on
> > https://wiki.debian.org/Hardening/PIEByDefaultTransition
> Such good news for me, a student learning information security.
> However, I have a doubt, why does Debian enable PIE by default, other
> than stack protector and FORTIFY_SOURCE that are already enabled by
> default in the Ubuntu distribution?
>
> I think stack protector (FORTIFY_SOURCE) has less overhead than PIE.

As far as I understand, stack protection and/or FORTIFY_SOURCE are
about protecting from buffer overflows. Stack protection sounds pretty
generic; in the case of FORTIFY_SOURCE, it's the compiler doing extra
compile-time checks (when possible) and inserting extra run-time
check code.

PIE isn't a security measure in itself -- it just allows such code
to be dynamically mapped at any address. But it enables address space
layout randomisation [1], which isn't a security measure in itself
either, but a *mitigation* technique: if an attacker has already
managed to take control of your program counter (e.g. by rewriting
a return address... possibly via a stack overflow, see above), you
make his/her life harder by not putting (potentially useful) code
at a place (s)he knows how to find.

It's like putting a chair in a dark room. Of course you should try
to make your door and lock as secure as possible. But just in case...

> No System Is Safe!

exactly :-)

Cheers
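The PIE point from the reply above can be checked on a real binary. The following is an added example, not part of the original message: it reads the ELF header field `e_type` to tell a position-independent image (`ET_DYN`) from a fixed-address one (`ET_EXEC`), then prints where its own code and stack ended up. The function names `elf_type` and `elf_type_of_file` are hypothetical, and the `/proc/self/exe` default assumes Linux.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* e_type values from the ELF specification. */
enum { TYPE_EXEC = 2,   /* fixed load address: code sits where the linker put it */
       TYPE_DYN  = 3 }; /* position-independent: PIE executable or shared object */

/* Return e_type from the first n bytes of an ELF image, or -1 if the
 * buffer is too short, lacks the ELF magic, or has an unknown byte order.
 * e_type is a 16-bit field at offset 16 in both ELF32 and ELF64. */
int elf_type(const unsigned char *h, size_t n)
{
    if (n < 18 || memcmp(h, "\x7f" "ELF", 4) != 0)
        return -1;
    if (h[5] == 1)                       /* EI_DATA: little-endian */
        return h[16] | (h[17] << 8);
    if (h[5] == 2)                       /* EI_DATA: big-endian */
        return (h[16] << 8) | h[17];
    return -1;
}

/* Same check on a file; returns -1 if it cannot be read. */
int elf_type_of_file(const char *path)
{
    unsigned char h[18];
    FILE *f = fopen(path, "rb");
    if (!f)
        return -1;
    size_t n = fread(h, 1, sizeof h, f);
    fclose(f);
    return elf_type(h, n);
}

int main(int argc, char **argv)
{
    int local = 0;
    const char *path = argc > 1 ? argv[1] : "/proc/self/exe";
    int t = elf_type_of_file(path);

    printf("%s: %s\n", path,
           t == TYPE_DYN  ? "ET_DYN (code base can be randomised)" :
           t == TYPE_EXEC ? "ET_EXEC (code at a fixed, known address)" :
                            "not an ELF file or unreadable");
    /* Run twice: in an ET_DYN build with ASLR active both addresses change
     * between runs; in an ET_EXEC build only the stack address moves. */
    printf("code  at %#lx\n", (unsigned long)(uintptr_t)elf_type);
    printf("stack at %#lx\n", (unsigned long)(uintptr_t)&local);
    return 0;
}
```

Building it once with `gcc -fPIE -pie` and once with `gcc -no-pie` shows the difference; `ET_DYN` is also the type of shared libraries, so the check says "relocatable", not "executable".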