On 23/01/12 20:23, Gerald Pfeifer wrote:
On Mon, 23 Jan 2012, Claudio Freire wrote:
And again, breaking people's systems that have been running fine for years? That's a big risk that I don't think you want to take... In this case, it's worth the try.
Cui bono? The average openSUSE user will be very annoyed, up to the point of considering a different distribution of something she cares about breaks. Really, often it's just one thing not working, or even not working well. And even if there is a workaround, and she does not switch, such an experience certainly does not add bonus points.
I am generally very much in favor of security. This, however, is not straightforward at all. Let's keep in mind that anyone on this list is _not_ an average openSUSE user!
"There are a few legacy applications out there (such as some ancient versions of libc.so.5 from 1996) that assume that brk area starts just after the end of the code+bss. These applications break when start of the brk area is randomized. There are however no known non-legacy applications that would be broken this way, so for most systems it is safe to choose full randomization." So, if this is not true, the kernel documentation needs fixing. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org