Gentoo Hardening: Part 3: Using Checksec

by Dejan Lukan
Oct. 7, 2017 0 comments INFOSEC Institute

The script can check whether ELF executables are set, and it processes support for the following security mitigations: RELRO Stack Canary NoeXecute (NX) Position Independent Code (PIE) Address Space Layout Randomization (ASLR) Fortify Source The –file can be used to check which security mitigations are enabled for a file, whereas the –dir checks all files in current directory. The –proc attribute checks certain process, the –proc-all attribute checks all currently running processes and –proc-libs checks process libraries. Let’s see how the /bin/bash program was compiled: