Re: PaX on Debian
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Andres Salomon wrote:
| On Mon, 2004-07-26 at 14:37 -0400, John Richard Moser wrote:
|
|>-----BEGIN PGP SIGNED MESSAGE-----
|>Hash: SHA1
|>
|>
|>
|>Andres Salomon wrote:
|>| On Sun, 25 Jul 2004 12:57:29 -0400, John Richard Moser wrote:
|>|
|
| [...]
|
|>Did some digging. pipacs said that PAGEEXEC force-enables the 'disable
|>vsyscall' option, so you'd be forced to use SEGMEXEC on x86 to avoid
|>#245563, if I'm reading this right. On amd64, it should be fine; he
|
|
| Yep, that's right. I've talked to both ian and pipacs about it.
| Spender and pipacs both agree that upstream glibc fixes will work.
|
Cool.
| [...]
|
|>: Tags added: fixed-upstream Request was from GOTO Masanori
|>: <gotom@debian.or.jp> to control@bugs.debian.org. Full text available.
|>
|>Fixed in upstream. Either use an updated glibc in the next debian
|>release (I know there's no way you're going to suddenly shift STABLE to
|>PaX/pie/ssp, and I'm even going to recommend AGAINST that due to
|>Debian's development model), or backport the changes to whatever glibc
|>you use.
|
|
| The plan is to backport changes; I was hoping to make the next (debian)
| glibc release, but no one else seems interested in fixing the bug, and
| I'm lacking free time right now.
|
Check to see if someone else did it. I know it works on Gentoo, for a
few months now; but I don't know if it's just a newer version of glibc
or if there was also a backport for some of the older versions. I'm
using 2.3.4 pre-relases of glibc, so obviously I'm on a fixed version,
not an old one with a backported patch.
Never do work you don't have to do; gpl code can be freely yanked back
and forth. :)
|
- --
All content of all messages exchanged herein are left in the
Public Domain, unless otherwise explicitely stated.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBBV27hDd4aOud5P8RAlGSAKCQePuNYj3EsEPMwGKi9O2WpaxbdwCfSlOF
4WuNZtKqaIkRVrO/xRNZewE=
=9fzL
-----END PGP SIGNATURE-----
Reply to: