On Thu, Feb 20, 2014 at 08:52:07PM +0400, Andrew Savchenko wrote: > And this point is one of the highest security benefits in real world: > one have non-standard binaries, not available in the wild. Most > exploits will fail on such binaries even if vulnerability is still > there.
While excluding few security issues by compiling less code is possible, believing that "non-standard binaries" (in the sense of "compiled for with local compilation flags") gives more security is a dangerous dream. -- Nicolas Sebrecht
