On 2010-Oct-30 01:37:50 +0100, "Dr. David Kirkby" <david.kir...@onetel.net> wrote: >I'm a bit unimpressed with these backwards incompatible changes.
If the only problem is that the stack has been made non-executable then I agree that it is an intrusive change but it is also reasonably important from a security point-of-view as it blocks (or radically increases the difficulty of) a large range of attacks. Most OSs made similar changes some time ago and the biggest surprise is that it took Fedora so long to catch up. >Getting code running on Solaris can be a pain, as a lot of code >written is not portable. But once it does work, it stays working. It >would be extremely unlikely for an OS upgrade to stop a binary >working, and if it did, Sun would have fixed the bug. In this particular case, it isn't a bug, it's a security fix. It's just unfortunate that a lot of code was written to rely on trampolines on the stack. And Sun got badly burnt by the SunOS 4.x to SunOS 5.x change and has therefore made a conscious decision to never break backward compatability on official APIs - the downside of this is that Solaris carries around a whole lot of cruft that probably should have been killed off years ago. >With Linux, it just seems the norm that when a new release comes out, >software that used to work stops functioning. In the last week I've >seen tickets for OpenSUSE, ArchLinux and Fedora, all where Sage built >on older releases, but does not on newer ones. Linux probably goes too far in the other direction. (And unfortunately, this mindset is also affecting Xorg and the GIMP, that I'm aware of). -- Peter Jeremy
pgpmFpk3b6QlS.pgp
Description: PGP signature
