Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Auditing Binary for No-Exec Heaps?
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Duplicate Threads
View previous topic :: View next topic  
Author Message
noloader
n00b
n00b


Joined: 12 Aug 2012
Posts: 7

PostPosted: Sat Aug 18, 2012 9:39 pm    Post subject: Auditing Binary for No-Exec Heaps? Reply with quote

Hi All,

[Repost in Programming from Other Things Gentoo, http://forums.gentoo.org/viewtopic-t-933454-highlight-.html].

I'm attempting to audit a binary for compliance with no-exec heaps on Gentoo. The binary was compiled with -z,noexecheap (-z,noexecheap is a Gentoo extension). GCC and LD took the switch with no complaints. LD complains on systems which don't honor the option.

I having trouble confirming a binary was compiled with no-exec heaps. Due to lack of information of the topic, I presumed a no-exec heap was implemented in similar fashion to a no-exec stack. I've tried using readelf and '-l', '-s' and '-d', but I get no hits:
Code:
readelf -l sample.exe | grep -i "HEAP"


A similar search for a no-exec stack with "GNU_STACK" does return a hit:
Code:
 $ readelf -l sample.exe | grep -i "GNU_STACK"
$ GNU_STACK 0x00000000 0x00000000 0x00000000


From above, I know the executable is marked with PT_GNU_STACK and its size is 0. Therefore, its a no-exec stack (http://www.airs.com/blog/archives/518).

How does Gentoo mark a binary for no-exec heaps? How does one audit it?

Thanks in advance,
Jeff
Back to top
View user's profile Send private message
John R. Graham
Administrator
Administrator


Joined: 08 Mar 2005
Posts: 7803
Location: Somewhere over Atlanta, Georgia

PostPosted: Sun Aug 19, 2012 1:41 am    Post subject: Reply with quote

Moved from Portage & Programming to Duplicate Threads. Proper procedure is to report your thread and ask that it be moved. I'll do that for you right now. :wink:

- John
_________________
This space intentionally left blank.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Duplicate Threads All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum