tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Default hardening options

nia <> writes:

>>   Explain if turning on MKREPRO without also MKPIE and ALSR has any
>>   negative security consequences?  (I am guessing no, because addreses
>>   are already predicable and MKREPRO is about avoiding timestamps etc.)
> All MKREPRO does is remove references to WRKDIR in debug output.

So given that we've already had discussion, any reason not to just do
that right now?  In my view, if it's going to happen, earlier is better
and less for people to patch to test.

(Just slicing off that becuase it seems the most obvious.)

Attachment: signature.asc
Description: PGP signature

Home | Main Index | Thread Index | Old Index