security policy about LD_PRELOAD and /etc/ld.so.preload

2015-07-29 Thread
I have a security problem about LD_PRELOAD and /etc/ld.so.preload. Recently I saw the bug of CVE-2015-1328 in the Ubuntu series (http://cxsecurity.com/issue/WLB-2015060081); the attack method is using the bug of overlayfs to create ld.so.preload in /etc. He writes his getuid function to overlap

[Question] Is there a security module/mechanism which can prevent such an attack?

2016-01-10 Thread
Hi everyone, Recently I saw a vulnerability - Android KeyStore Stack Buffer Overflow CVE-2014-3100. It's about the Android keystore daemon. /*

Re: When did Debian decide to enable PIE by default?

2017-08-09 Thread
On 08/09/2017 10:31 AM, Thomas Schmitt wrote:
> Hi,
>
> 慕 冬亮 <mudonglianga...@hotmail.com> wrote:
>> When does Debian Team, or Security Team decide to enable PIE by default?
> I guess it was one year ago. At least that's the dates one can see on
> https:

Unstable Wayland in Debian Testing

2018-03-14 Thread
Dear all, Debian Testing for now has a very unstable Wayland. I have encountered dozens of crashes about current Wayland during those months. When I connect or disconnect an external screen monitor, USB driver, or even one phone, the desktop environment could crash. And then I login and found