Bug#537409: info

To: Michael S Gilbert <michael.s.gilbert@gmail.com>, 537409@bugs.debian.org
Subject: Bug#537409: info
From: dann frazier <dannf@debian.org>
Date: Sun, 19 Jul 2009 23:49:24 -0600
Message-id: <[🔎] 20090720054924.GR2951@lackof.org>
Reply-to: dann frazier <dannf@debian.org>, 537409@bugs.debian.org
In-reply-to: <[🔎] 8e2a98be0907192109we16cbffq1810c693061031a3@mail.gmail.com>
References: <[🔎] 8e2a98be0907192109we16cbffq1810c693061031a3@mail.gmail.com>

On Mon, Jul 20, 2009 at 12:09:05AM -0400, Michael S Gilbert wrote:
> while this bug is still open, would it make sense to disable the gcc
> option/optimization/bug/flaw that allows this vulnerability to exist?
> the "-fno-delete-null-pointer-checks" flag will completely disable
> this option kernel-wide [1].

Already done in sid.

> obviously there is a tradeoff here.  the null pointer optimization
> does make the kernel run a bit faster (and maybe that should be
> quantified to determine the impact), but on the other hand it opens up
> a slew of vulnerabilities.  i think erring on the side of
> caution/security is the way to go.
> 
> anyway, just a thought.
> 
> mike
> 
> [1] http://gcc.gnu.org/onlinedocs/gcc/Optimize-Options.html
> 
> 
> 

-- 
dann frazier

Reply to:

References:
- Bug#537409: info
  - From: Michael S Gilbert <michael.s.gilbert@gmail.com>

Prev by Date: Bug#537625: linux-image-2.6.26-2-amd64: RealTek r8111c NIC chipset not supported
Next by Date: Bug#537625: linux-image-2.6.26-2-amd64: RealTek r8111c NIC chipset not supported
Previous by thread: Bug#537409: info
Next by thread: Processed: tagging 524542
Index(es):
- Date
- Thread