On 11/15/2011 08:12 PM, Avi Kivity wrote:
> Change the default on x86 Linux hosts to building PIE (position
> independent executables); instead of restricting the option to
> user-only targets, apply it to all targets.
>
> In addition, set the relocation sections to read-only (relro) when
> available; this reduces the attack surface by disallowing changes to
> relocation tables at runtime.
>
> While PIE reduces performance and relro increases load time, it
> greatly improves security, with the potential to reduce a code
> execution vulnerability to a self denial of service.
>
> Non-x86 are not changed, as they require TCG changes; neither are
> non-Linux, due to lack of test coverage.
>
>

Ping.

-- 
error compiling committee.c: too many arguments to function


Reply via email to