Mailinglist Archive: opensuse-factory (368 mails)

[Cristian Rodríguez <crrodriguez@xxxxxxxxxxxx>]

On 23/01/12 20:23, Gerald Pfeifer wrote:
> On Mon, 23 Jan 2012, Claudio Freire wrote:
> > > And again, breaking people's systems that have been running fine for
> > > years?  That's a big risk that I don't think you want to take...
> > In this case, it's worth the try.
>
> Cui bono?  The average openSUSE user will be very annoyed, up to
> the point of considering a different distribution of something she
> cares about breaks.  Really, often it's just one thing not working,
> or even not working well.  And even if there is a workaround, and
> she does not switch, such an experience certainly does not add
> bonus points.
>
> I am generally very much in favor of security.  This, however, is
> not straightforward at all.  Let's keep in mind that anyone on this
> list is _not_ an average openSUSE user!

"There are a few legacy applications out there (such as some ancient 
versions of libc.so.5 from 1996) that assume that brk area starts
just after the end of the code+bss.  These applications break when
start of the brk area is randomized.  There are however no known
non-legacy applications that would be broken this way, so for most
systems it is safe to choose full randomization."

So, if this is not true, the kernel documentation needs fixing.
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx