Bug#537409: info
while this bug is still open, would it make sense to disable the gcc
option/optimization/bug/flaw that allows this vulnerability to exist?
the "-fno-delete-null-pointer-checks" flag will completely disable
this option kernel-wide [1].
obviously there is a tradeoff here. the null pointer optimization
does make the kernel run a bit faster (and maybe that should be
quantified to determine the impact), but on the other hand it opens up
a slew of vulnerabilities. i think erring on the side of
caution/security is the way to go.
anyway, just a thought.
mike
[1] http://gcc.gnu.org/onlinedocs/gcc/Optimize-Options.html
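
As an added illustration (not part of the original message and not code from the kernel or from this bug report), the C below shows the general dereference-before-check pattern that GCC's null pointer check deletion acts on, next to a source-level fix that does not depend on the flag. The struct, constants and function names are hypothetical.

```c
/* Constructed illustration; all names here are hypothetical. */
#include <stddef.h>

struct dev {
    unsigned int flags;
    int ready;
};

#define DEV_F_ERROR 0x1u
#define POLL_ERR    (-1)

/*
 * Dereference-before-check: d->flags is read before d is tested.
 * Dereferencing NULL is undefined behaviour, so with
 * -fdelete-null-pointer-checks active GCC may conclude that d cannot
 * be NULL at the 'if' and drop the test from the generated code.
 * Building with -fno-delete-null-pointer-checks keeps the test.
 * To compare, build this file to assembly with and without the flag
 * (e.g. gcc -O2 -S) and diff the two outputs for this function.
 */
int poll_deref_first(struct dev *d)
{
    unsigned int flags = d->flags;   /* dereference happens here */

    if (d == NULL)                   /* candidate for removal */
        return POLL_ERR;
    if (flags & DEV_F_ERROR)
        return POLL_ERR;
    return d->ready;
}

/*
 * Source-level fix: test the pointer before any dereference, so the
 * check is never redundant from the compiler's point of view and
 * correctness does not depend on the build flags.
 */
int poll_check_first(struct dev *d)
{
    if (d == NULL)
        return POLL_ERR;
    if (d->flags & DEV_F_ERROR)
        return POLL_ERR;
    return d->ready;
}
```

The flag restores the check in code of the first shape across the whole build; reordering the check as in the second function fixes one call site at a time.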