On Mon, Jul 20, 2009 at 12:09:05AM -0400, Michael S Gilbert wrote: > while this bug is still open, would it make sense to disable the gcc > option/optimization/bug/flaw that allows this vulnerability to exist? > the "-fno-delete-null-pointer-checks" flag will completely disable > this option kernel-wide [1].
Already done in sid. > obviously there is a tradeoff here. the null pointer optimization > does make the kernel run a bit faster (and maybe that should be > quantified to determine the impact), but on the other hand it opens up > a slew of vulnerabilities. i think erring on the side of > caution/security is the way to go. > > anyway, just a thought. > > mike > > [1] http://gcc.gnu.org/onlinedocs/gcc/Optimize-Options.html > > > -- dann frazier -- To UNSUBSCRIBE, email to debian-kernel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
