Recent

Author Topic: Wiki of hardening  (Read 3781 times)

Fred vS

  • Hero Member
  • *****
  • Posts: 3305
    • StrumPract is the musicians best friend
Wiki of hardening
« on: May 15, 2023, 06:20:38 pm »
Hello.

In the wiki: https://wiki.freepascal.org/hardening

There is a example with result.
I did compile the demo using the parameters with fpc 3.3.1 (because 3.2.2 does not allow it).

But I dont get same result as wiki:
Quote
program Test;
{$linklib c}
begin
  writeln('test');
end.

Compile with this -
fpc  -Cg  -k-pie  -k-znow  test.pas

And examine the result -

$> file test [enter]
test: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.4.0, stripped

My result has LSB pie executable (that means, afaik, that the binary was hardened)

Code: Bash  [Select][+][-]
  1. file test
  2. test: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.4.0, stripped
  3.  

Also, there was no strip parameter used, so why file reports the binary as stripped ?

What do I miss ?
« Last Edit: May 15, 2023, 06:29:14 pm by Fred vS »
I use Lazarus 2.2.0 32/64 and FPC 3.2.2 32/64 on Debian 11 64 bit, Windows 10, Windows 7 32/64, Windows XP 32,  FreeBSD 64.
Widgetset: fpGUI, MSEgui, Win32, GTK2, Qt.

https://github.com/fredvs
https://gitlab.com/fredvs
https://codeberg.org/fredvs

MarkMLl

  • Hero Member
  • *****
  • Posts: 7502
Re: Wiki of hardening
« Reply #1 on: May 16, 2023, 10:05:38 am »
Also, there was no strip parameter used, so why file reports the binary as stripped ?

What happens if you explicitly specify that debugging information should be included?

MarkMLl
MT+86 & Turbo Pascal v1 on CCP/M-86, multitasking with LAN & graphics in 128Kb.
Logitech, TopSpeed & FTL Modula-2 on bare metal (Z80, '286 protected mode).
Pet hate: people who boast about the size and sophistication of their computer.
GitHub repositories: https://github.com/MarkMLl?tab=repositories

TRon

  • Hero Member
  • *****
  • Posts: 3145
Re: Wiki of hardening
« Reply #2 on: May 16, 2023, 10:59:09 am »
Also, there was no strip parameter used, so why file reports the binary as stripped ?

What do I miss ?
As a guess: fpc.cfg ?

compile with -va to see what FPC picks up (if anything)
All software is open source (as long as you can read assembler)

Fred vS

  • Hero Member
  • *****
  • Posts: 3305
    • StrumPract is the musicians best friend
Re: Wiki of hardening
« Reply #3 on: May 16, 2023, 01:47:19 pm »
Also, there was no strip parameter used, so why file reports the binary as stripped ?

What happens if you explicitly specify that debugging information should be included?

MarkMLl

Hello Mark.

Well seen, indeed with "-ghl" parameter it is not stripped.

Code: Pascal  [Select][+][-]
  1. > file test
  2.  
  3. test: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.4.0, with debug_info, not stripped
  4.  

So good to know that, by default, the binary is stripped.

Thanks.

As a guess: fpc.cfg ?

Hello TRon.
No, nothing in fpc.cfg that could explain the "stripped".

[EDIT] Even without hardening and with fpc 3.2.2 or fpc 3.3.1. the binary is declared as stripped  (even compiled without any parameter, like fpc test ).

Fre;D

« Last Edit: May 16, 2023, 03:25:54 pm by Fred vS »
I use Lazarus 2.2.0 32/64 and FPC 3.2.2 32/64 on Debian 11 64 bit, Windows 10, Windows 7 32/64, Windows XP 32,  FreeBSD 64.
Widgetset: fpGUI, MSEgui, Win32, GTK2, Qt.

https://github.com/fredvs
https://gitlab.com/fredvs
https://codeberg.org/fredvs

 

TinyPortal © 2005-2018