On 2017-10-10 14:27:24 +0200, Moritz Muehlenhoff wrote:
> On Tue, Oct 10, 2017 at 02:16:28PM +0200, Vincent Lefevre wrote:
> > On 2017-10-10 13:58:16 +0200, Moritz Muehlenhoff wrote:
> > > This is neutralised by kernel hardening starting with stretch, see
> > > release notes:
> > > https://www.debian.org/releases/jessie/amd64/release-notes/ch-whats-new.en.html#security
> >
> > which is there just because of this kind of bugs.
> >
> > Note also that this is still an optional feature, and not all users
> > use Debian provided kernels.
>
> It is not optional, see the release notes section I quoted.
It is said: "It is enabled in the Debian Linux kernel by default."
^^^^^^^^^^
Thus, that's optional. There is no guarantee that it is enabled
after a system configuration change (done on purpose, due to a
bug, or whatever). One should not blindly rely on this feature.
--
Vincent Lefèvre <[email protected]> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
