On Sat, Jan 28, 2012 at 01:12, Mike Frysinger <vap...@gentoo.org> wrote: > > > Wait... Is anybody here *actually opposed* to not enabling PIE on *SUID > > binaries*? > > he was talking system wide >
This thread is about PIE on SUID executables. > > considering the number set*id binaries in the tree, and their requirements > (they tend to not be performance sensitive in the slightest), i don't have > a > problem with steering them in the PIE direction. > Great! > > ignoring /usr/bin/Xorg here of course, but that has a lot more problems > that i > doubt PIE will make much of a difference. > Oh boy. Yea. Oh boy. Xorg should be PIE too, I suppose. Only takes one rotten egg. > -mike >
