On 18-Dec-2005 matthew green wrote:
> you fail to understand the performance issue here.  when, eg, libc is
> not mapped at the same address as other processes, the performance hit
> is in the range of 30-40% on some platforms.  it's not about start up
> it is about the MMU being constantly trashed.

Whats the harm in providing the switch to turn it on though?  It sounds like a
reasonable not-on-by-default kind of security thing.

Speaking personally.. I don't care if we have a million security features in
the kernel, as long as I can shut the annoying ones off, and the test-for-off
code doesn't bog the kernel down.

---
Tim Rightnour <root@garbled.net>
NetBSD: Free multi-architecture OS http://www.netbsd.org/
Genecys: Open Source 3D MMORPG: http://www.genecys.org/