[arch-general] ASLR and PIE wider adoption.
Kevin Chadwick
ma1l1ists at yahoo.co.uk
Mon Apr 16 05:39:34 EDT 2012
With more and more distros and even android employing gccs -fpie for
building packages, should Arch consider enabling it.
For my users it would mean less programs being killed by the
grsecurity kernel due to text relocation attempts. No complaints yet as
I have a sandboxed flash browser but eventually there may be one about
x264/mp4.
For everyone else it would mean a more secure system due to better use
of ASLR.
Are complications like static binaries an issue arch simply hasn't the
time to deal with (does gcc work around them automatically now?) and do
users care more about adding upto a few seconds to the start up time of
some programs on x86 over security?
More information about the arch-general
mailing list