These two techniques make it harder to come up with exploits, by reducing what is commonly called the "attack surface" in security circles: by making the addresses less predictable, and by making it harder to inject data that is then (mis-)interpreted as code, this hardens Git's executables on Windows.
These patches have been carried in Git for Windows for over 3 years, and should therefore be considered battle-tested. İsmail Dönmez (2): mingw: do not let ld strip relocations mingw: enable DEP and ASLR config.mak.uname | 8 ++++++++ 1 file changed, 8 insertions(+) base-commit: 39ffebd23b1ef6830bf86043ef0b5c069d9299a9 Published-As: https://github.com/gitgitgadget/git/releases/tag/pr-134%2Fdscho%2Faslr-v1 Fetch-It-Via: git fetch https://github.com/gitgitgadget/git pr-134/dscho/aslr-v1 Pull-Request: https://github.com/gitgitgadget/git/pull/134 -- gitgitgadget
