[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: PaX on Debian

On Mon, 2004-07-26 at 14:37 -0400, John Richard Moser wrote:
> Hash: SHA1
> Andres Salomon wrote:
> | On Sun, 25 Jul 2004 12:57:29 -0400, John Richard Moser wrote:
> |
> Did some digging.  pipacs said that PAGEEXEC force-enables the 'disable
> vsyscall' option, so you'd be forced to use SEGMEXEC on x86 to avoid
> #245563, if I'm reading this right.  On amd64, it should be fine; he

Yep, that's right.  I've talked to both ian and pipacs about it.
Spender and pipacs both agree that upstream glibc fixes will work.

> :  Tags added: fixed-upstream Request was from GOTO Masanori
> :  <gotom@debian.or.jp> to control@bugs.debian.org. Full text available.
> Fixed in upstream.  Either use an updated glibc in the next debian
> release (I know there's no way you're going to suddenly shift STABLE to
> PaX/pie/ssp, and I'm even going to recommend AGAINST that due to
> Debian's development model), or backport the changes to whatever glibc
> you use.

The plan is to backport changes; I was hoping to make the next (debian)
glibc release, but no one else seems interested in fixing the bug, and
I'm lacking free time right now.

Andres Salomon <dilinger@voxel.net>

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: