Hardening ELF Binaries Using Relocation Read-Only (Relro)

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
malloc Security memory-allocation malloc-library memory-allocator

InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured

  • hardened_malloc

    Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability / integration over time.

    • LDFLAGS_HMALLOC := -L/usr/local/lib -lhardened_malloc # see https://github.com/GrapheneOS/hardened_malloc

  • checksec.sh

    Checksec.sh

    • Also, one can use checksec to confirm that the protections are actually in place. https://github.com/slimm609/checksec.sh

    I happened to be looking at this for Go binaries last night and it seems that -buildmode=pie gets you part of the way there. Was trying to see if full relro was possible with CGO_ENABLED=0 but it seems only partial was achievable in the few hours I spent.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts