mir/bind
2
0
Fork 0
mirror of https://gitlab.isc.org/isc-projects/bind9 synced 2025-08-29 13:38:26 +00:00
Code Issues Releases Wiki Activity

Disable and disallow static linking

Browse Source 
Linking BIND 9 programs and libraries statically disables several
important features:

  * dlopen() - relied on by dynamic loading of modules, dlz, and dyndb,

  * RELRO (read-only relocations) and ASLR (address space layout
    randomization) - security features which are important for any
    program interacting with the network and/or user input.

Disable and disallow linking BIND 9 binaries statically, thus enforcing
dlopen() support and allowing use of RELRO and ASLR by default.
This commit is contained in:
Ondřej Surý 2020-06-16 10:38:46 +02:00 committed by Ondřej Surý
parent 789e5f4a4b
commit a7bed56845
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
configure.ac
View File

@ -119,7 +119,10 @@ AX_POSIX_SHELL
AC_PROG_MKDIR_P AC_PROG_MKDIR_P
# Initialize libtool # Initialize libtool
LT_INIT([dlopen]) LT_INIT([disable-static dlopen pic-only])
AS_IF([test $enable_static != "no"],
[AC_MSG_ERROR([Static linking is not supported as it disables dlopen() and certain security features (e.g. RELRO, ASLR)])])
LT_CONFIG_LTDL_DIR([libltdl]) LT_CONFIG_LTDL_DIR([libltdl])
LTDL_INIT([recursive]) LTDL_INIT([recursive])