opensourcemirror
/
opnsense-src
mirror of https://github.com/opnsense/src.git
1
0
Fork 0
Code Issues Releases Wiki Activity

HBSD: Set PAX_HARDENING_NOSHLIBRANDOM in the RTLD by default 

With OPNsense's removal of the AT_PAXFLAGS auxvec (to maintain ABI
compat with FreeBSD), SHLIBRANDOM ended up being enabled by default.
This patch emulates HardenedBSD's default disabled state for
SHLIBRANDOM.

Signed-off-by:	Shawn Webb <shawn.webb@hardenedbsd.org>
This commit is contained in:
Shawn Webb 2020-09-17 10:23:49 -04:00
parent 5a45b71a5b
commit dc1b6c6278
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
libexec/rtld-elf/rtld.c
View File

@ -230,7 +230,7 @@ static unsigned int obj_count; /* Number of objects in obj_list */
static unsigned int obj_loads; /* Number of loads of objects (gen count) */
#ifdef HARDENEDBSD
static Elf_Word pax_flags = 0; /* PaX / HardenedBSD flags */
static Elf_Word pax_flags = PAX_HARDENING_NOSHLIBRANDOM; /* PaX / HardenedBSD flags */
#endif
static Objlist list_global = /* Objects dlopened with RTLD_GLOBAL */