On Thu, Jul 9, 2009 at 8:19 PM, Steve Grubb <[email protected]> wrote:
> On Thursday 09 July 2009 10:45:55 am devzero2000 wrote: > > There are also other two big problem, imho, now, with prelink support: > > > > 1 - it render impossibile to do a centralizzated integrity checker (with > as > > example rfc.sf.net ): very very bad > > The aide program in rawhide is prelink friendly. So there are integrity > checkers that can be used. > > As for security, prelink stirring around address space randomization is > good > for security. For example, this hack needed prelink not to have run to get > the > exploit reliable: > > http://invisiblethingslab.com/pub/xenfb-adventures-10.pdf > > There are more examples like this. > i know this ref. Tell me something other. I follow only 15 mailing list on these subjects. Anyway if prelink is a good thing for ASLR IT MUST BE DOCUMENTATED BETTER. I am sure anyone agreed on this. regards > > -Steve >
-- fedora-devel-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/fedora-devel-list
