On Sat, 27 Apr 2019 at 18:09, Marc Espie <es...@nerim.net> wrote:
>
> On Sat, Apr 27, 2019 at 12:34:01PM +0700, Igor Podlesny wrote:
> > On Sat, 27 Apr 2019 at 12:26, Sebastien Marie <sema...@online.fr> wrote:
> > > On Sat, Apr 27, 2019 at 12:17:21PM +0700, Igor Podlesny wrote:
> > > > Previously users could have different behaviour of malloc
> > > > simultaneously: one in
> > > > global FS, others in chroots. Say, in global it could be more relaxed
> > [...]
> > > malloc(3) man page mentions several ways to set malloc options:
> > >
> > > - globally with vm.malloc_conf sysctl(2)
> > > - externally per apps with environment variable MALLOC_OPTIONS
> > > - internally per apps with global variable malloc_options in the program
> > >
> > > So I suppose you want to look at exported MALLOC_OPTIONS environment
> > > variable.
> >
> > Wrong. Environment is easy to be changed by any non-privileged process.
> > OTOH, root owned /etc/malloc.conf is not.
>
> Man, you have some really strange delusions about how to harden things.
% man malloc.conf | grep -i security
S Enable all options suitable for security auditing.
Oh, those hypocrite wankers here and there..
--
End of message. Next message?
