Re: CVS commit: src/sys/arch/evbppc/conf

To: source-changes-d%NetBSD.org@localhost
Subject: Re: CVS commit: src/sys/arch/evbppc/conf
From: christos%astron.com@localhost (Christos Zoulas)
Date: Fri, 24 Jun 2011 01:50:53 +0000 (UTC)

In article <20110624004847.8A0CE175D0%cvs.netbsd.org@localhost>,
Matt Thomas <source-changes-d%NetBSD.org@localhost> wrote:
>-=-=-=-=-=-
>
>Module Name:   src
>Committed By:  matt
>Date:          Fri Jun 24 00:48:47 UTC 2011
>
>Modified Files:
>       src/sys/arch/evbppc/conf: RB800
>
>Log Message:
>Turn on PAX_ASLR

I am fine with that, just 2 comments.
- to fully take advantage of ASLR you need MKPIE=yes so that the text
  and data segments get randomized too.
- just using options PAX_ASLR is probably safer and you can then enable
  it with: sysctl -w security.pax.aslr.enabled=1

christos

Follow-Ups:
- Re: CVS commit: src/sys/arch/evbppc/conf
  - From: Matt Thomas

Prev by Date: Re: CVS commit: src/sys/uvm
Next by Date: Re: CVS commit: src/sys/uvm
Previous by Thread: Re: CVS commit: src/sys/uvm
Next by Thread: Re: CVS commit: src/sys/arch/evbppc/conf
Indexes:

Home | Main Index | Thread Index | Old Index