Bug#537409: info

To: 537409@bugs.debian.org
Subject: Bug#537409: info
From: Michael S Gilbert <michael.s.gilbert@gmail.com>
Date: Mon, 20 Jul 2009 00:09:05 -0400
Message-id: <[🔎] 8e2a98be0907192109we16cbffq1810c693061031a3@mail.gmail.com>
Reply-to: Michael S Gilbert <michael.s.gilbert@gmail.com>, 537409@bugs.debian.org

while this bug is still open, would it make sense to disable the gcc
option/optimization/bug/flaw that allows this vulnerability to exist?
the "-fno-delete-null-pointer-checks" flag will completely disable
this option kernel-wide [1].

obviously there is a tradeoff here.  the null pointer optimization
does make the kernel run a bit faster (and maybe that should be
quantified to determine the impact), but on the other hand it opens up
a slew of vulnerabilities.  i think erring on the side of
caution/security is the way to go.

anyway, just a thought.

mike

[1] http://gcc.gnu.org/onlinedocs/gcc/Optimize-Options.html

Reply to:

Follow-Ups:
- Bug#537409: info
  - From: dann frazier <dannf@debian.org>

Prev by Date: Bug#537635: iwl3945 crash with 2.6.30
Next by Date: Processed: tagging 524542
Previous by thread: Bug#537635: iwl3945 crash with 2.6.30
Next by thread: Bug#537409: info
Index(es):
- Date
- Thread