nia <nia%NetBSD.org@localhost> writes: >> Explain if turning on MKREPRO without also MKPIE and ALSR has any >> negative security consequences? (I am guessing no, because addreses >> are already predicable and MKREPRO is about avoiding timestamps etc.) > > All MKREPRO does is remove references to WRKDIR in debug output. So given that we've already had discussion, any reason not to just do that right now? In my view, if it's going to happen, earlier is better and less for people to patch to test. (Just slicing off that becuase it seems the most obvious.)
Attachment:
signature.asc
Description: PGP signature