OpenSUSE Tumbleweed Is Now Built With PIE
The rolling-release openSUSE Tumbleweed distribution is now building its packages with PIE (Position Independent Executables) as the default.
Following Fedora making PIE their default (since F23) and Ubuntu 17.10 planning PIE for all, Tumbleweed has transitioned to enabling PIE by default in its compiler. This comes as part of their recent transition to using the GCC 7 code compiler.
Position independent executables allow for full address space layout randomization (ASLR) as a security benefit with not having a predictable memory address. Currently there is about 97% coverage of PIE-enabled packages in openSUSE Tumbleweed while a few remaining issues are being addressed.
More details via this mailing list post.
Following Fedora making PIE their default (since F23) and Ubuntu 17.10 planning PIE for all, Tumbleweed has transitioned to enabling PIE by default in its compiler. This comes as part of their recent transition to using the GCC 7 code compiler.
Position independent executables allow for full address space layout randomization (ASLR) as a security benefit with not having a predictable memory address. Currently there is about 97% coverage of PIE-enabled packages in openSUSE Tumbleweed while a few remaining issues are being addressed.
More details via this mailing list post.
32 Comments