BuiltPIE

Differences between revisions 1 and 23 (spanning 22 versions)
Revision 1 as of 2008-11-19 17:47:08
Size: 471
Editor: sites
Comment:
Revision 23 as of 2011-02-19 00:28:05
Size: 4499
Editor: c-76-105-168-175
Comment: chromium is built pie too
Deletions are marked like this. Additions are marked like this.
Line 5: Line 5:
== Built as Position Independent Executabes ==
 * Hardy
  * openssh
 * Intrepid
  * apache2
  * bind9
  * openldap
  * postfix
  * cups
  * postgresql-8.3
  * samba
  * dovecot
  * dhcp3		 These packages are built with "hardening-wrapper", or similar native build options. The primary purpose is to gain PIE (and as of Ubuntu 9.10, {{{-Wl,-z,now}}}).
Line 19: Line 7:
=== Supported Position Independent Executables in main ===
|| '''Source package''' || '''8.04 LTS''' || '''9.04''' || '''9.10''' || '''10.04 LTS''' || '''10.10''' || '''11.04''' ||
|| openssh (native) || yes || yes || yes || yes || yes || yes ||
|| apache2 || -- || yes || yes || yes || yes || yes ||
|| bind9 || -- || yes || yes || yes || yes || yes ||
|| openldap || -- || yes || yes || yes || yes || yes ||
|| postfix || -- || yes || yes || yes || yes || yes ||
|| cups || -- || yes || yes || yes || yes || yes ||
|| postgresql-8.3 || -- || yes || yes || yes || yes || yes ||
|| samba (native) || -- || yes || yes || yes || yes || yes ||
|| dovecot || -- || yes || yes || yes || yes || yes ||
|| dhcp3 || -- || yes || yes || yes || yes || yes ||
|| ntp || -- || -- || yes || yes || yes || yes ||
|| amavisd-new || -- || -- || yes || yes || yes || yes ||
|| squid || -- || -- || yes || yes || yes || yes ||
|| cyrus-sasl2 || -- || -- || yes || yes || yes || yes ||
|| exim4 || -- || -- || yes || yes || yes || yes ||
|| nagios3 || -- || -- || yes || yes || yes || yes ||
|| nagios-plugins || -- || -- || yes || yes || yes || yes ||
|| xinetd || -- || -- || yes || yes || yes || yes ||
|| ipsec-tools || -- || -- || yes || yes || yes || yes ||
|| mysql-dfsg-5.1 || -- || -- || yes || yes || yes || yes ||
|| evince || -- || -- || -- || yes || yes || yes ||
|| firefox || -- || -- || -- || yes || yes || yes ||
|| gnome-control-center || -- || -- || -- || -- || -- || yes ||
|| tiff || -- || -- || -- || -- || -- || yes ||
|| totem || -- || -- || -- || -- || -- || yes ||



=== Community supported Position Independent Executables ===
|| '''Source package''' || '''8.04 LTS''' || '''9.04''' || '''9.10''' || '''10.04 LTS''' || '''10.10''' || '''11.04''' ||
|| asterisk || -- || -- || yes || yes || yes || yes ||
|| sendmail || -- || -- || yes || yes || yes || yes ||
|| openbsd-inetd || -- || -- || yes || yes || yes || yes ||
|| wireshark || -- || -- || yes || yes || yes || yes ||
|| chromium-browser || -- || -- || -- || -- || yes || yes ||

These packages are built with "hardening-wrapper", or similar native build options. The primary purpose is to gain PIE (and as of Ubuntu 9.10, -Wl,-z,now).

Supported Position Independent Executables in main

Source package

8.04 LTS

9.04

9.10

10.04 LTS

10.10

11.04

openssh (native)

yes

yes

yes

yes

yes

yes

apache2

--

yes

yes

yes

yes

yes

bind9

--

yes

yes

yes

yes

yes

openldap

--

yes

yes

yes

yes

yes

postfix

--

yes

yes

yes

yes

yes

cups

--

yes

yes

yes

yes

yes

postgresql-8.3

--

yes

yes

yes

yes

yes

samba (native)

--

yes

yes

yes

yes

yes

dovecot

--

yes

yes

yes

yes

yes

dhcp3

--

yes

yes

yes

yes

yes

ntp

--

--

yes

yes

yes

yes

amavisd-new

--

--

yes

yes

yes

yes

squid

--

--

yes

yes

yes

yes

cyrus-sasl2

--

--

yes

yes

yes

yes

exim4

--

--

yes

yes

yes

yes

nagios3

--

--

yes

yes

yes

yes

nagios-plugins

--

--

yes

yes

yes

yes

xinetd

--

--

yes

yes

yes

yes

ipsec-tools

--

--

yes

yes

yes

yes

mysql-dfsg-5.1

--

--

yes

yes

yes

yes

evince

--

--

--

yes

yes

yes

firefox

--

--

--

yes

yes

yes

gnome-control-center

--

--

--

--

--

yes

tiff

--

--

--

--

--

yes

totem

--

--

--

--

--

yes

Community supported Position Independent Executables

Source package

8.04 LTS

9.04

9.10

10.04 LTS

10.10

11.04

asterisk

--

--

yes

yes

yes

yes

sendmail

--

--

yes

yes

yes

yes

openbsd-inetd

--

--

yes

yes

yes

yes

wireshark

--

--

yes

yes

yes

yes

chromium-browser

--

--

--

--

yes

yes

CategorySecurityTeam

SecurityTeam/KnowledgeBase/BuiltPIE (last edited 2017-06-16 13:04:26 by jdstrand)