Re: [PATCH] 2.6.16.16 Parameter-controlled mmap/stack randomization

Hi!

> >>> Good. So fix emacs/oracle/pine, and year or so and some time after it
> >>> is fixed, we can change kernel defaults. That's still less bad than
> >>> having
> >>>
> >>> [ ] Break emacs
> >>>
> >>> in kernel config.
> >> Nobody is going to fix emacs/oracle/pine, they don't have to.  Nothing
> >> is making them.  The kernel will wait for them so who cares.
> > 
> > No, _you_ have to fix emacs/oracle/pine. You claimed your patch is
> > interesting for secure distros, so you obviously have manpower for
> > that, right?
> 
> RHAT probably fixed Emacs already since it broke on them.  Adamantix and
> Hardened Gentoo are most likely to put manpower into things like pine..
> they put a lot of work into removing textrels on i386.
> 
> Oracle we can't do anything about.  It's commercial.  If we break it,
> they will recommend running it on Solaris or Windows 2003.

Well, if RedHat ships randomization, it will make Oracle fix it quite
quickly :-).

> > As you may have noticed, I'm at receiving end of those bug
> > reports. And what you propose is actually *worse* than IDE, because at
> > least you get relatively clear error message when misconfiguring IDE.
> 
> Yes but when you misconfigure IDE the system doesn't boot.  When you
> turn up randomization too high, everything works but 1 or 2
> programs.

Yes, you'll very quickly realize you misconfigured IDE... while stack
randomization is going to break 2 apps and you'll not know why.

> > For x86-64... why not?
> 
> On x86-64 he may, if you can convince him it's useful (asserting that

I do not care much about randomization, sorry. I see it may be useful
on x86-64, but I do not think configurability helps. Sorry.
								Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Follow-Ups:
- Re: [PATCH] 2.6.16.16 Parameter-controlled mmap/stack randomization
  - From: John Richard Moser <[email protected]>

References:
- Re: [PATCH] 2.6.16.16 Parameter-controlled mmap/stack randomization
  - From: Pavel Machek <[email protected]>
- Re: [PATCH] 2.6.16.16 Parameter-controlled mmap/stack randomization
  - From: John Richard Moser <[email protected]>
- Re: [PATCH] 2.6.16.16 Parameter-controlled mmap/stack randomization
  - From: Pavel Machek <[email protected]>
- Re: [PATCH] 2.6.16.16 Parameter-controlled mmap/stack randomization
  - From: John Richard Moser <[email protected]>
- Re: [PATCH] 2.6.16.16 Parameter-controlled mmap/stack randomization
  - From: Pavel Machek <[email protected]>
- Re: [PATCH] 2.6.16.16 Parameter-controlled mmap/stack randomization
  - From: John Richard Moser <[email protected]>
- Re: [PATCH] 2.6.16.16 Parameter-controlled mmap/stack randomization
  - From: Pavel Machek <[email protected]>
- Re: [PATCH] 2.6.16.16 Parameter-controlled mmap/stack randomization
  - From: John Richard Moser <[email protected]>
- Re: [PATCH] 2.6.16.16 Parameter-controlled mmap/stack randomization
  - From: Pavel Machek <[email protected]>
- Re: [PATCH] 2.6.16.16 Parameter-controlled mmap/stack randomization
  - From: John Richard Moser <[email protected]>

Prev by Date: Re: [PATCH] Gerd Hoffman's move-vsyscall-into-user-address-range patch
Next by Date: Re: APIC error on CPUx
Previous by thread: Re: [PATCH] 2.6.16.16 Parameter-controlled mmap/stack randomization
Next by thread: Re: [PATCH] 2.6.16.16 Parameter-controlled mmap/stack randomization
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Newbies] [Netfilter] [Bugtraq] [Photo] [Stuff] [Gimp] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Video 4 Linux] [Linux for the blind] [Linux Resources]