> I respect you as a kernel developer as long as you're doing preemption > and schedulers; but I honestly think PaX is the better technology, and I > think it's important that the best security technology be in place.
the difference is not that big and only in tradeoffs. eg pax trades virtual address space against protecting a rare occurance (eg where exec shield wouldn't work because of a high executable mapping. That really doesn't happen in normal programs) > On a final note, isn't PaX the only technology trying to apply NX > protections to kernel space? Exec Shield does that too but only if your CPU has hardware assist for NX (which all current AMD and most current intel cpus do). - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
