On Wednesday 06 of September 2017, Jan Rękorajski wrote: > On Wed, 06 Sep 2017, Arkadiusz Miśkiewicz wrote: > > On Tuesday 05 of September 2017, baggins wrote: > > > commit aa2cca690b9ce623e4dac08b9563584530a0a489 > > > Author: Jan Rękorajski <[email protected]> > > > Date: Tue Sep 5 23:52:49 2017 +0200 > > > > > > - disable struct randomization, it's pointless for a distro kernel > > > > Not pointless - exploit needs to match specific pld kernel directly and > > generic or other distro exploits won't work. > > What is very easy to accomplish, because you have to expose random seed > used during kernel build to be able to build external modules.
Not for typical "attacker" or automated attacks. > I'm not strongly opposed to the idea, but you need to make sure external > modules will build/work Where there any problems already? > if you really want a slower and bigger kernel > for slight increase in security. How bigger and slower? It only changes order of struct members AFAIK. -- Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org ) _______________________________________________ pld-devel-en mailing list [email protected] http://lists.pld-linux.org/mailman/listinfo/pld-devel-en
