On Thu, 20 Jan 2005 13:16:33 EST, John Richard Moser said: > > 1) the halving of the per-process VM space from 3GB to 1.5GB.
> Which has *never* caused a problem in anything I've ever used, and can > be disabled on a per-process basis. Just because something has never caused *you* a problem doesn't mean that it's suitable for inclusion in something like RedHat where it's almost certain to cause a problem for *some* user. > > [ 3) requires manual tagging of applications. ] > > > > Good. Maybe distributors will actually know what they're talking about > when flapping their mouths, rather than say "Oh look PaX it's magic so > we just need to turn it on!" Even I (at user level) examine everything > I'm using and try to understand it; I don't expect all users to do this, > but the distribution has to. OK.. but then you say... > PT_GNU_STACK is actually explicitly disabled -- apparently this is hard > work, as my distribution can't seem to always keep up with it or get it > quite right. Can you explain why your distro has difficulty getting PT_GNU_STACK 100% right, but you expect them to get tagging of apps with a flag that has almost identical semantics to PT_GNU_STACK correct?
pgpllo73hQmU3.pgp
Description: PGP signature
