1berry/nodejs
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

build: add '-z relro -z now' linker flags

Browse Source 
These flags could make some sections and the GOT entries of node
process read only to avoid being modified after dynamic linking is
done, thus the security could be enhanced.

Fixes: https://github.com/nodejs/node/issues/20122
PR-URL: https://github.com/nodejs/node/pull/20513
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
This commit is contained in:
Shao,Ting 2018-05-03 16:51:56 +08:00 committed by Anna Henningsen
parent fcc46ee5a9
commit 2d4dd10829
No known key found for this signature in database
GPG Key ID: 9C63F3A6CD2AD8F9
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
node.gypi
View File

@ -291,7 +291,10 @@
[ 'OS=="sunos"', { [ 'OS=="sunos"', {
'ldflags': [ '-Wl,-M,/usr/lib/ld/map.noexstk' ], 'ldflags': [ '-Wl,-M,/usr/lib/ld/map.noexstk' ],
}], }],
[ 'OS in "freebsd linux"', {
'ldflags': [ '-Wl,-z,relro',
'-Wl,-z,now' ]
}],
[ 'node_use_openssl=="true"', { [ 'node_use_openssl=="true"', {
'defines': [ 'HAVE_OPENSSL=1' ], 'defines': [ 'HAVE_OPENSSL=1' ],
'conditions': [ 'conditions': [