Date: Tue, 23 Jan 2007 08:44:28 +0000
From: Pavel Machek <pavel@ucw.cz>
To: Samium Gromoff <_deepfire@feelingofgreen.ru>
Cc: Arjan van de Ven <arjan@infradead.org>, linux-kernel@vger.kernel.org,
       David Wagner <daw@cs.berkeley.edu>
Subject: Re: [PATCH] Undo some of the pseudo-security madness
Message-ID: <20070123084427.GA5560@ucw.cz>
References: <87y7nxvk65.wl@betelheise.deep.net> <1169345764.3055.935.camel@laptopd505.fenrus.org> <87tzykuj49.wl@betelheise.deep.net> <1169426146.3055.1163.camel@laptopd505.fenrus.org> <87sle3x82o.wl@betelheise.deep.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <87sle3x82o.wl@betelheise.deep.net>
User-Agent: Mutt/1.5.9i
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 960
Lines: 24

Hi!

> > nor will they work if the sysadmin applies a security update and glibc
> > or another library changes one page in size. Or changes the stack rlimit
> > or .. or ..
> 
> Now, i figured out, there is a certain reasonable safety gap which works
> for people, because the libraries depended on are well known.
> 
> What happens with AS randomisation, is that the variance is simply too
> large. But what is more important, is that vendors do modifications
> which change the amount of randomisation, which means that potentially

Complain to vendors, not here.

							Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/