mirror of
https://github.com/bitcoin/bitcoin.git
synced 2025-04-29 23:09:44 -04:00
doc: remove Security section from build-unix.md
Our compile documentation isn't the right place for genric binary hardening notes, which are neither particularly Bitcoin-Core specific, or as relevant as they might have once been, i.e non-executable stacks are now just the norm. Just remove the notes for now, if someone has something more interesting/Bitcoin Core specific, it could be added in separate documentation in the future (maybe into the devwiki or similar). Split from https://github.com/bitcoin/bitcoin/pull/27685#discussion_r1196517868.
This commit is contained in:
fanquake
parent
5f70cd3997
commit
4bfcbbfd4a
1 changed files with 0 additions and 46 deletions
|
|
@ -184,52 +184,6 @@ export BDB_PREFIX="/path/to/bitcoin/depends/x86_64-pc-linux-gnu"
|
||||||
|
|
||||||
**Note**: You only need Berkeley DB if the legacy wallet is enabled (see [*Disable-wallet mode*](#disable-wallet-mode)).
|
**Note**: You only need Berkeley DB if the legacy wallet is enabled (see [*Disable-wallet mode*](#disable-wallet-mode)).
|
||||||
|
|
||||||
Security
|
|
||||||
--------
|
|
||||||
To help make your Bitcoin Core installation more secure by making certain attacks impossible to
|
|
||||||
exploit even if a vulnerability is found, binaries are hardened by default.
|
|
||||||
This can be disabled with:
|
|
||||||
|
|
||||||
Hardening Flags:
|
|
||||||
|
|
||||||
./configure --enable-hardening
|
|
||||||
./configure --disable-hardening
|
|
||||||
|
|
||||||
|
|
||||||
Hardening enables the following features:
|
|
||||||
* _Position Independent Executable_: Build position independent code to take advantage of Address Space Layout Randomization
|
|
||||||
offered by some kernels. Attackers who can cause execution of code at an arbitrary memory
|
|
||||||
location are thwarted if they don't know where anything useful is located.
|
|
||||||
The stack and heap are randomly located by default, but this allows the code section to be
|
|
||||||
randomly located as well.
|
|
||||||
|
|
||||||
On an AMD64 processor where a library was not compiled with -fPIC, this will cause an error
|
|
||||||
such as: "relocation R_X86_64_32 against `......' can not be used when making a shared object;"
|
|
||||||
|
|
||||||
To test that you have built PIE executable, install scanelf, part of paxutils, and use:
|
|
||||||
|
|
||||||
scanelf -e ./bitcoin
|
|
||||||
|
|
||||||
The output should contain:
|
|
||||||
|
|
||||||
TYPE
|
|
||||||
ET_DYN
|
|
||||||
|
|
||||||
* _Non-executable Stack_: If the stack is executable then trivial stack-based buffer overflow exploits are possible if
|
|
||||||
vulnerable buffers are found. By default, Bitcoin Core should be built with a non-executable stack,
|
|
||||||
but if one of the libraries it uses asks for an executable stack or someone makes a mistake
|
|
||||||
and uses a compiler extension which requires an executable stack, it will silently build an
|
|
||||||
executable without the non-executable stack protection.
|
|
||||||
|
|
||||||
To verify that the stack is non-executable after compiling use:
|
|
||||||
`scanelf -e ./bitcoin`
|
|
||||||
|
|
||||||
The output should contain:
|
|
||||||
STK/REL/PTL
|
|
||||||
RW- R-- RW-
|
|
||||||
|
|
||||||
The STK RW- means that the stack is readable and writeable but not executable.
|
|
||||||
|
|
||||||
Disable-wallet mode
|
Disable-wallet mode
|
||||||
--------------------
|
--------------------
|
||||||
When the intention is to only run a P2P node, without a wallet, Bitcoin Core can
|
When the intention is to only run a P2P node, without a wallet, Bitcoin Core can
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue