[Snort-devel] RELRO security in Snort-2.9.x

Bill Parker wp02855 at ...2499...
Tue Mar 15 16:22:04 EDT 2016


Hi All,

   Does anyone have a take on this:

*-Wl,-z,relro,-z,now*
RELRO (read-only relocation). The options relro & now specified together
are known as "Full RELRO". You can specify "Partial RELRO" by omitting the
now flag. RELRO marks various ELF memory sections read­only (E.g. the GOT
<http://stackoverflow.com/questions/9688076/process-linkage-table-and-global-offset-table>
)

This is an option to gcc, when I run a checksec.sh script against the snort
binary, it comes back with Partial RELRO, rather than FULL.

Bill
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20160315/8db0a34c/attachment.html>


More information about the Snort-devel mailing list