[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: PaX on Debian

Hash: SHA1

Andres Salomon wrote:
| On Mon, 2004-07-26 at 14:37 -0400, John Richard Moser wrote:
|>Hash: SHA1
|>Andres Salomon wrote:
|>| On Sun, 25 Jul 2004 12:57:29 -0400, John Richard Moser wrote:
| [...]
|>Did some digging.  pipacs said that PAGEEXEC force-enables the 'disable
|>vsyscall' option, so you'd be forced to use SEGMEXEC on x86 to avoid
|>#245563, if I'm reading this right.  On amd64, it should be fine; he
| Yep, that's right.  I've talked to both ian and pipacs about it.
| Spender and pipacs both agree that upstream glibc fixes will work.


| [...]
|>:  Tags added: fixed-upstream Request was from GOTO Masanori
|>:  <gotom@debian.or.jp> to control@bugs.debian.org. Full text available.
|>Fixed in upstream.  Either use an updated glibc in the next debian
|>release (I know there's no way you're going to suddenly shift STABLE to
|>PaX/pie/ssp, and I'm even going to recommend AGAINST that due to
|>Debian's development model), or backport the changes to whatever glibc
|>you use.
| The plan is to backport changes; I was hoping to make the next (debian)
| glibc release, but no one else seems interested in fixing the bug, and
| I'm lacking free time right now.

Check to see if someone else did it.  I know it works on Gentoo, for a
few months now; but I don't know if it's just a newer version of glibc
or if there was also a backport for some of the older versions.  I'm
using 2.3.4 pre-relases of glibc, so obviously I'm on a fixed version,
not an old one with a backported patch.

Never do work you don't have to do; gpl code can be freely yanked back
and forth.  :)


- --
All content of all messages exchanged herein are left in the
Public Domain, unless otherwise explicitely stated.

Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org


Reply to: