Re: CVS commit: src/sys/arch/evbppc/conf

To: Christos Zoulas <christos%astron.com@localhost>
Subject: Re: CVS commit: src/sys/arch/evbppc/conf
From: Matt Thomas <matt%3am-software.com@localhost>
Date: Thu, 23 Jun 2011 21:02:17 -0700

On Jun 23, 2011, at 6:50 PM, Christos Zoulas wrote:

> In article <20110624004847.8A0CE175D0%cvs.netbsd.org@localhost>,
> Matt Thomas <source-changes-d%NetBSD.org@localhost> wrote:
>> -=-=-=-=-=-
>> 
>> Module Name: src
>> Committed By:        matt
>> Date:                Fri Jun 24 00:48:47 UTC 2011
>> 
>> Modified Files:
>>      src/sys/arch/evbppc/conf: RB800
>> 
>> Log Message:
>> Turn on PAX_ASLR
> 
> I am fine with that, just 2 comments.
> - to fully take advantage of ASLR you need MKPIE=yes so that the text
>  and data segments get randomized too.

Already doing that.  Pretty certain I'm the only one using RB800 so ...
I want to do some timings to compare MKPIE=yes against MKPIE=no.

> - just using options PAX_ASLR is probably safer and you can then enable
>  it with: sysctl -w security.pax.aslr.enabled=1

PAX_ASLR requires a value.

Follow-Ups:
- Re: CVS commit: src/sys/arch/evbppc/conf
  - From: Christos Zoulas

References:
- Re: CVS commit: src/sys/arch/evbppc/conf
  - From: Christos Zoulas

Prev by Date: Re: CVS commit: src/sys/uvm
Next by Date: Re: CVS commit: src/sys/net
Previous by Thread: Re: CVS commit: src/sys/arch/evbppc/conf
Next by Thread: Re: CVS commit: src/sys/arch/evbppc/conf
Indexes:

Home | Main Index | Thread Index | Old Index