|
Date: Sat, 27 Apr 2013 02:14:05 +0800
From: Pavel Labushev <pavel.labushev@...box.no>
To: owl-dev@...ts.openwall.com
Subject: Re: PIE on x86_64
On Fri, 12 Apr 2013 22:26:58 +0400
Solar Designer <solar@...nwall.com> wrote:
> > What are your reasons not to link executables as ET_DYN, even though
> > the target CPU architecture is PC-relative?
>
> I think we should start doing that, and benchmark to make sure there's
> no unexpected performance drop. Vasily?
And silence was the answer... Is it too much work? You could make -fpie
and the other hardening flags compiler's built-in defaults, like it is
done in Hardened Gentoo. It may be simpler and more robust than
tweaking specs of every package and would set more secure defaults for
anything that users might compile.
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.