Please do not reply to this email: if you want to comment on the bug, go to
the URL shown below and enter yourcomments there.
https://bugs.freedesktop.org/show_bug.cgi?id=4197
[EMAIL PROTECTED] changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |CLOSED
------- Additional Comments From [EMAIL PROTECTED] 2006-01-26 21:01 -------
(In reply to comment #14)
> *** Bug 5710 has been marked as a duplicate of this bug. *** The take 2 patch
works on mesa-6.4.1 also. In view of some of the vitriol above, I felt I should
outline a perspective of the user (not a programmer)of a hardened system.
Hardened systems are for resisting attackers, and the main application is
'always on' servers. As such, I have no business installing X, or DRI. It is
because mine is a learning exercise that these went in. Quake, kde, gnome, or
any other bug rich eye candy will never be installed. Not here.
When dri failed to install, I had 2 choices
1. Forget DRI (Over the textrels)
2. Recompile a kernel without CONFIG_PAX_NOELFRELOCS
This is such a major weakness that no hardened system would contemplate it for
long. Attackers intrude by exploiting some program; key to the continuance of
the attack is rewriting a pointer to point at their own code. Relocating
position independent code with the kernel randomising location of the code makes
this latter step exceptionally difficult and noisy, as an attacker won't know
beforehand where anything is. No sitting ducks in ram.
I will be quite happy with 75% of the performance of a gaming box, or 50%
of it. I don't ever want to see this adapted into the mainstream Mesa code
unless the various protections (Grsecurity, Pax, ssp, etc) are also adopted by
the mainstream development. But I would always like the patch available. I don't
care if it breaks with other boxes, or the API paper spec, as long as things
work.
--
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642
_______________________________________________
Mesa3d-dev mailing list
Mesa3d-dev@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mesa3d-dev
