On Thu, 27 Jan 2005, John Richard Moser wrote:
Arjan van de Ven wrote:
Is this one any worse?
yes.
oracle, db2 and similar like to mmap 2Gb or more *in one chunk*.
Special case?
Absolutely, but ...
Can I get this put into perspective? How much more important is "Good"
randomization versus "not breaking Oracle," which becomes "No
randomization"
1) quite a lot of Linux users do use Oracle, DB2 or do
scientific calculations - distributions cannot afford
to break those applications, the default has to work
for everybody
2) "weaker" randomization (2MB) is still effective if the
stack is non-executable, so the "load a bunch of NOPs"
approach won't work - this is what Fedora and RHEL use
3) it is not as theoretically strong as what you propose,
but having the "weaker" scheme enabled is definitely
more secure than having the "stronger" scheme disabled
because it breaks applications
--
"Debugging is twice as hard as writing the code in the first place.
Therefore, if you write the code as cleverly as possible, you are,
by definition, not smart enough to debug it." - Brian W. Kernighan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
