>On Thursday 12 November 2009 20:24:05 r...@fdy2.demon.co.uk wrote:
>> Nick Hudson wrote:
>> >Module Name:src
>> >Committed By: skrll
>> >Date: Sun Nov 8 15:25:10 UTC 2009
>> >
>> >Modified Files:
>> >src/gnu/lib: Makefile
>> >src/gnu/usr.bin: Makefile
>> >Removed
On Thursday 12 November 2009 20:24:05 r...@fdy2.demon.co.uk wrote:
> Nick Hudson wrote:
> >Module Name:src
> >Committed By: skrll
> >Date: Sun Nov 8 15:25:10 UTC 2009
> >
> >Modified Files:
> >src/gnu/lib: Makefile
> >src/gnu/usr.bin: Makefile
> >Removed Files:
>
>
On Thu, Nov 12, 2009 at 08:24:05PM +, r...@fdy2.demon.co.uk wrote:
> Please could ncdcs be restored, it isn't part of binutils and is
> needed for NetBSD/ibmnws.
It's in src/external/, now.
Dave
--
David Young OJC Technologies
dyo...@ojctech.com Urbana, IL * (217) 278-3933
Nick Hudson wrote:
>Module Name:src
>Committed By: skrll
>Date: Sun Nov 8 15:25:10 UTC 2009
>
>Modified Files:
>src/gnu/lib: Makefile
>src/gnu/usr.bin: Makefile
>Removed Files:
[snip]
>src/gnu/usr.sbin/ncdcs: Makefile ncdcs.8 ncdcs.c
>
>Log Message:
>Remo
On Thu, Nov 12, 2009 at 07:19:55AM +, Mindaugas Rasiukevicius wrote:
> * 5% performance hit on build.sh is not really a small number to me.
I've disabled SSP again, the performance hit is gone.
We can therefore stop this fruitless discussion.
Kind regards
--
Matthias Scheler
On Thu, Nov 12, 2009 at 12:40:54PM +, Mindaugas Rasiukevicius wrote:
> Well, I do not really care about this type of philosophical security in the
> kernel, but by estimating the effect, I would say there is more cost than
> benefit - modern x86 machines have a PG_NX bit, which deals with this
On Thu, Nov 12, 2009 at 12:40:54PM +, Mindaugas Rasiukevicius wrote:
> benefit - modern x86 machines have a PG_NX bit, which deals with this matter
> in a much better way.
Non executable stack only takes care of some types of stack smashing attacks,
the stack protector catches a lot more.
Mar
Matthias Scheler wrote:
> > Point that it can find some bugs is reasonable, but then why not enable
> > it for, let's say, DIAGNOSTIC option?
>
> Because it is also a security feature. I can e.g. turn a remote root
> exploit into a DoS which will at least keep your data safe.
>
Well, I do not r