On Mon, 11 Oct 2010 17:18:34 -0500 Marsh Ray wrote: > > You would need to convince the kernel team that the bigmem kernel > > should be the default on i386 systems. > > "Please?"
Don't ask this list, ask the kernel team (via bug report and/or mailing list message). Note that ubuntu uses some kind of NX emulation on i386 when its disabled in the bios or unsupported on the cpu, which may be an option as well here. A patch for that submitted as a kernel bug would be most effective. > >> What can be done to at least warn users that the OS is silently > >> not enforcing the page protections advertised by the CPU? > > > > There is the checksec script, which I have packaged, but have yet to > > get sponsored. It checks whether various kernel security features > > are enabled. > > That sounds useful. Do you have a link? http://trapkit.de/tools/checksec.html Best wishes, Mike -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20101011192429.ad97c225.michael.s.gilb...@gmail.com