LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
From: Guennadi Liakhovetski <g.liakhovetski@gmx.de>
To: Scott Wood <scottwood@freescale.com>
Cc: "Rogério Brito" <rbrito@ime.usp.br>,
	linuxppc-dev@ozlabs.org, akpm@linux-foundation.org,
	linux-kernel@vger.kernel.org
Subject: Re: [PATCH] powerpc: enable heap randomization for linkstations
Date: Mon, 13 Oct 2008 21:27:29 +0200 (CEST)	[thread overview]
Message-ID: <Pine.LNX.4.64.0810132119510.9041@axis700.grange> (raw)
In-Reply-To: <20081013184443.GA20612@ld0162-tx32.am.freescale.net>

On Mon, 13 Oct 2008, Scott Wood wrote:

> On Mon, Oct 13, 2008 at 08:05:09PM +0200, Guennadi Liakhovetski wrote:
> > On Mon, 13 Oct 2008, Rogério Brito wrote:
> > 
> > > The current defconfig for Linkstation/Kuroboxes has the "Disable Heap
> > > Randomization" option enabled.
> > > 
> > > Since some of these machines are facing the internet, it helps to have
> > > heap randomization enabled. This patch enables it.
> > 
> > Same as the previous patch - this is one of options, that users select 
> > according to their needs. If any specific distribution enables this option 
> > by default in their kernels, they can do this too, don't think this is 
> > critical enough to patch the defconfig.
> 
> Just because users/distros can change it doesn't mean it's pointless to
> discuss what default is sane, and make changes if the current default
> isn't.
> 
> For security-related options it's usually best to default to the more
> secure state, especially since the option description talks about it
> being needed mainly for libc5 compatibility -- did libc5 ever even exist
> for powerpc?  

In a 2.6.27-rc5-ish snapshot I counted 68 enabled and 11 disabled 
CONFIG_COMPAT_BRK under arch/powerpc/configs/. Ok, enabling it for all 
would be a bit rude, and one has to start somewhere...

> The only reason it was turned on in the first place was likely the
> "default y", which in turn is there to avoid breaking old x86 distros.

Then maybe it would be better to make default y only for some platforms?

Thanks
Guennadi
---
Guennadi Liakhovetski, Ph.D.
Freelance Open-Source Software Developer

  reply	other threads:[~2008-10-13 19:27 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2008-10-13  4:07 [PATCH] powerpc: compile kernel for linkstations optimized for size Rogério Brito
2008-10-13  4:51 ` [PATCH] powerpc: enable heap randomization for linkstations Rogério Brito
2008-10-13 18:05   ` Guennadi Liakhovetski
2008-10-13 18:44     ` Scott Wood
2008-10-13 19:27       ` Guennadi Liakhovetski [this message]
2008-10-13 20:56       ` Rogério Brito
2008-10-19  2:53       ` Rogério Brito
2008-10-19  3:16         ` Rogério Brito
2008-10-17  9:38   ` Rogério Brito
2008-10-28 13:58   ` Kumar Gala
2008-10-13 18:03 ` [PATCH] powerpc: compile kernel for linkstations optimized for size Guennadi Liakhovetski
2008-10-13 21:28   ` Rogério Brito
2008-10-17  9:37 ` Rogério Brito
2008-10-28 13:58 ` Kumar Gala

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Pine.LNX.4.64.0810132119510.9041@axis700.grange \
    --to=g.liakhovetski@gmx.de \
    --cc=akpm@linux-foundation.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linuxppc-dev@ozlabs.org \
    --cc=rbrito@ime.usp.br \
    --cc=scottwood@freescale.com \
    --subject='Re: [PATCH] powerpc: enable heap randomization for linkstations' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).