<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>FYI on OSGeoLive 2020 'Focal' pre-alpha, output shows:</p>
<p><font size="+1"><tt>$ readelf -l /usr/bin/gdalinfo</tt><tt><br>
</tt><tt><br>
</tt><tt>Elf file type is DYN (Shared object file)</tt><tt><br>
</tt><tt>Entry point 0x1870</tt><tt><br>
</tt><tt>There are 13 program headers, starting at offset 64</tt><tt><br>
</tt><tt><br>
</tt><tt>Program Headers:</tt><tt><br>
</tt><tt> Type Offset VirtAddr
PhysAddr</tt><tt><br>
</tt><tt> FileSiz MemSiz
Flags Align</tt><tt><br>
</tt><tt> PHDR 0x0000000000000040 0x0000000000000040
0x0000000000000040</tt><tt><br>
</tt><tt> 0x00000000000002d8 0x00000000000002d8
R 0x8</tt><tt><br>
</tt><tt> INTERP 0x0000000000000318 0x0000000000000318
0x0000000000000318</tt><tt><br>
</tt><tt> 0x000000000000001c 0x000000000000001c
R 0x1</tt><tt><br>
</tt><tt> [Requesting program interpreter:
/lib64/ld-linux-x86-64.so.2]</tt><tt><br>
</tt><tt> LOAD 0x0000000000000000 0x0000000000000000
0x0000000000000000</tt><tt><br>
</tt><tt> 0x0000000000000eb8 0x0000000000000eb8
R 0x1000</tt><tt><br>
</tt><tt> LOAD 0x0000000000001000 0x0000000000001000
0x0000000000001000</tt><tt><br>
</tt><tt> 0x00000000000009e5 0x00000000000009e5
R E 0x1000</tt><tt><br>
</tt><tt> LOAD 0x0000000000002000 0x0000000000002000
0x0000000000002000</tt><tt><br>
</tt><tt> 0x00000000000004c8 0x00000000000004c8
R 0x1000</tt><tt><br>
</tt><tt> LOAD 0x0000000000002ca8 0x0000000000003ca8
0x0000000000003ca8</tt><tt><br>
</tt><tt> 0x0000000000000368 0x0000000000000370
RW 0x1000</tt><tt><br>
</tt><tt> DYNAMIC 0x0000000000002cb8 0x0000000000003cb8
0x0000000000003cb8</tt><tt><br>
</tt><tt> 0x0000000000000200 0x0000000000000200
RW 0x8</tt><tt><br>
</tt><tt> NOTE 0x0000000000000338 0x0000000000000338
0x0000000000000338</tt><tt><br>
</tt><tt> 0x0000000000000020 0x0000000000000020
R 0x8</tt><tt><br>
</tt><tt> NOTE 0x0000000000000358 0x0000000000000358
0x0000000000000358</tt><tt><br>
</tt><tt> 0x0000000000000044 0x0000000000000044
R 0x4</tt><tt><br>
</tt><tt> GNU_PROPERTY 0x0000000000000338 0x0000000000000338
0x0000000000000338</tt><tt><br>
</tt><tt> 0x0000000000000020 0x0000000000000020
R 0x8</tt><tt><br>
</tt><tt> GNU_EH_FRAME 0x0000000000002348 0x0000000000002348
0x0000000000002348</tt><tt><br>
</tt><tt> 0x0000000000000044 0x0000000000000044
R 0x4</tt><tt><br>
</tt><tt> GNU_STACK 0x0000000000000000 0x0000000000000000
0x0000000000000000</tt><tt><br>
</tt><tt> 0x0000000000000000 0x0000000000000000
RW 0x10</tt><tt><br>
</tt><tt> GNU_RELRO 0x0000000000002ca8 0x0000000000003ca8
0x0000000000003ca8</tt><tt><br>
</tt><tt> 0x0000000000000358 0x0000000000000358
R 0x1</tt><tt><br>
</tt><tt><br>
</tt><tt> Section to Segment mapping:</tt><tt><br>
</tt><tt> Segment Sections...</tt><tt><br>
</tt><tt> 00 </tt><tt><br>
</tt><tt> 01 .interp </tt><tt><br>
</tt><tt> 02 .interp .note.gnu.property .note.gnu.build-id
.note.ABI-tag .gnu.hash .dynsym .dynstr .gnu.version
.gnu.version_r .rela.dyn .rela.plt </tt><tt><br>
</tt><tt> 03 .init .plt .plt.got .plt.sec .text .fini </tt><tt><br>
</tt><tt> 04 .rodata .eh_frame_hdr .eh_frame </tt><tt><br>
</tt><tt> 05 .init_array .fini_array .dynamic .got .data
.bss </tt><tt><br>
</tt><tt> 06 .dynamic </tt><tt><br>
</tt><tt> 07 .note.gnu.property </tt><tt><br>
</tt><tt> 08 .note.gnu.build-id .note.ABI-tag </tt><tt><br>
</tt><tt> 09 .note.gnu.property </tt><tt><br>
</tt><tt> 10 .eh_frame_hdr </tt><tt><br>
</tt><tt> 11 </tt><tt><br>
</tt><tt> 12 .init_array .fini_array .dynamic .got </tt><tt><br>
</tt></font><br>
</p>
<div class="moz-cite-prefix">On 8/5/20 12:51 PM, Jim Klassen wrote:<br>
</div>
<blockquote type="cite"
cite="mid:1bf40ce5-403c-fd63-7c98-26e0ef977a79@sharedgeo.org">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
Are you sure you need to supply those flags at all? Are you using
a recent enough Linux Distribution? I haven't build GDAL 2.3 in a
long time (it is very old), I suppose it is possible it is doing
something strange disabling PIE in the build system.<br>
<br>
My build of GDAL 3.1 on Debian 10 built PIE executable by default
(without me specifying any special compiler options).<br>
<br>
For my GDAL 3.1 build:<br>
<tt>$ readelf -l gdalinfo</tt><tt><br>
</tt><tt> </tt><tt><br>
</tt><tt> Elf file type is DYN (Shared object file)</tt><tt><br>
</tt><tt> ...</tt><tt><br>
</tt><tt> </tt><tt><br>
</tt><tt> </tt><br>
<br>
It looks like gcc/g++ in Debian 10 default to building PIE. I'd
expect similar vintage Ubuntu derivatives would do the same:<br>
<br>
<tt>$ cat a.c</tt><tt><br>
</tt><tt>int main() { return 0; }</tt><tt><br>
</tt><tt>$ gcc a.c</tt><tt><br>
</tt><tt>$ file a.out</tt><tt><br>
</tt><tt>a.out: ELF 64-bit LSB </tt><tt><b>pie executable</b></tt><tt>,
x86-64, version 1 (SYSV), dynamically linked, interpreter
/lib64/ld-linux-x86-64.so.2, for GNU/Linux 3.2.0,
BuildID[sha1]=fde557ade69c32cd2554ee888bc892175ae86867, not
stripped</tt><tt><br>
</tt><tt>$ readelf -l a.out</tt><tt><br>
</tt><tt><br>
</tt><tt>Elf file type is DYN (Shared object file)</tt><tt><br>
</tt><tt>...</tt><tt><br>
</tt><br>
<br>
<br>
<div class="moz-cite-prefix">On 8/5/20 9:55 AM, Brian M Hamlin
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:11e9df3a-edfb-ab57-0b79-08407471e74d@light42.com">
<meta http-equiv="Content-Type" content="text/html;
charset=UTF-8">
<p>Hi Kavitha -</p>
<p> In general, specialized security work is outside of the
scope of the <i>educational mission</i> at OSGeoLive project.</p>
<p> ASLR is a security layer ? from Google search..</p>
<p>"<span style="color: rgb(34, 34, 34); font-family: Roboto,
arial, sans-serif; font-size: 16px; font-style: normal;
font-variant-ligatures: normal; font-variant-caps: normal;
font-weight: 400; letter-spacing: normal; orphans: 2;
text-align: left; text-indent: 0px; text-transform: none;
white-space: normal; widows: 2; word-spacing: 0px;
-webkit-text-stroke-width: 0px; background-color: rgb(255,
255, 255); text-decoration-style: initial;
text-decoration-color: initial; display: inline !important;
float: none;">Address Space Layout Randomization (</span><b
style="color: rgb(34, 34, 34); font-family: Roboto, arial,
sans-serif; font-size: 16px; font-style: normal;
font-variant-ligatures: normal; font-variant-caps: normal;
letter-spacing: normal; orphans: 2; text-align: left;
text-indent: 0px; text-transform: none; white-space: normal;
widows: 2; word-spacing: 0px; -webkit-text-stroke-width:
0px; background-color: rgb(255, 255, 255);
text-decoration-style: initial; text-decoration-color:
initial;">ASLR</b><span style="color: rgb(34, 34, 34);
font-family: Roboto, arial, sans-serif; font-size: 16px;
font-style: normal; font-variant-ligatures: normal;
font-variant-caps: normal; font-weight: 400; letter-spacing:
normal; orphans: 2; text-align: left; text-indent: 0px;
text-transform: none; white-space: normal; widows: 2;
word-spacing: 0px; -webkit-text-stroke-width: 0px;
background-color: rgb(255, 255, 255); text-decoration-style:
initial; text-decoration-color: initial; display: inline
!important; float: none;">) is a computer security technique
which involves randomly positioning the base address of an
executable and the position of libraries, heap, and stack,
in a process's address space"</span></p>
<div class="moz-cite-prefix">Security is a concern at OSGeoLive,
but not the primary concern. If you seek direct consulting
hours, please consider a time+money budget to bring in
additional skillsets.</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">If you find a solution, please do
not hesitate to share the results with the GDAL project and
Ubuntu upstream, for better specialized security in the
future. <br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix"> others may have different
resources for you on this topic<br>
</div>
<div class="moz-cite-prefix"> best regards --Brian<br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix"><br>
</div>
<div class="moz-cite-prefix">On 8/5/20 7:32 AM, Kavitha K wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CACLbJJf4EqLvfa6Kvpb-nnREs3mGCKh5_7Df-tZTuJvTOV_JaA@mail.gmail.com">
<meta http-equiv="content-type" content="text/html;
charset=UTF-8">
<div dir="ltr">Hi All,
<div> We are trying to compile the gdal 2.3.2 source with
ASLR . But we are seeing the<br>
Elf file type as EXEC (Executable file) instead DYN.<br>
<br>
Please help us whether gdal build is supported the
compilation with "-Fpie -pie -fPIC".<br>
<br>
Steps which we followed:<br>
<br>
cp gdalDevKits/gdal-2.3.2.tar.gz .<br>
<br>
tar -xvf gdal-2.3.2.tar.gz<br>
<br>
cd gdal-2.3.2<br>
<br>
env CFLAGS="-Fpie -pie -fPIC" ./configure<br>
<br>
make install<br>
<br>
cd /usr/local/bin<br>
<br>
readelf -l gdaltransform<br>
<br>
Elf file type is EXEC (Executable file)<br>
<br>
Entry point 0x40<br>
</div>
<div>Thanks,</div>
<div>Kavitha</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
osgeolive mailing list
<a class="moz-txt-link-abbreviated" href="mailto:osgeolive@lists.osgeo.org" moz-do-not-send="true">osgeolive@lists.osgeo.org</a>
<a class="moz-txt-link-freetext" href="https://lists.osgeo.org/mailman/listinfo/osgeolive" moz-do-not-send="true">https://lists.osgeo.org/mailman/listinfo/osgeolive</a>
</pre>
</blockquote>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
osgeolive mailing list
<a class="moz-txt-link-abbreviated" href="mailto:osgeolive@lists.osgeo.org" moz-do-not-send="true">osgeolive@lists.osgeo.org</a>
<a class="moz-txt-link-freetext" href="https://lists.osgeo.org/mailman/listinfo/osgeolive" moz-do-not-send="true">https://lists.osgeo.org/mailman/listinfo/osgeolive</a>
</pre>
</blockquote>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
osgeolive mailing list
<a class="moz-txt-link-abbreviated" href="mailto:osgeolive@lists.osgeo.org">osgeolive@lists.osgeo.org</a>
<a class="moz-txt-link-freetext" href="https://lists.osgeo.org/mailman/listinfo/osgeolive">https://lists.osgeo.org/mailman/listinfo/osgeolive</a>
</pre>
</blockquote>
</body>
</html>