Tom Horsley wrote: > The "prelinker" is enabled by default because one group of > geeks want their shared libs to load 10 nanoseconds faster > (while using 45 hours of cpu in a cron job to achieve that), > meanwhile the security geeks enable address space randomization > by default, thus insuring that everything the prelinker does > will be for naught because none of the libs will ever load > at the prelinked address. http://lwn.net/Articles/190139/: In an attempt to restore some of the benefits of address space randomization, prelink is capable of randomly selecting the addresses used for prelinking. This makes it more difficult to perform certain attacks on a system, because the addresses used are unique to that system. In other words, prelinking does address space randomization on a per-system basis. Or so I understand – if you have any other sources, I’d be interested to hear them. This comes from a reputable source and matches my understanding. Hope this helps, James. -- E-mail: james@ | “My aunt’s camel has fallen in the mirage.” aprilcottage.co.uk | -- “Soul Music”, Terry Pratchett. -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
