[arch-general] PIE repo considerations
Levente Polyak
anthraxx at archlinux.org
Mon May 16 16:01:02 UTC 2016
On 05/16/2016 05:47 PM, Information Technology Works wrote:
> I also don't understand the lack of discussion on something this
> important by other devs. one person had concerns about various things
> and another mentioned whether upstream would support it and that was it.
> I was hoping to at least hear why the wrapper method was so out of spec
> for arch as to warrant not supporting full aslr. I'm sure it seems
> obvious to those devs opposed, but not to me or possibly other end
> users. Also, i don't think i'm owed an explanation. I'm just saying more
> context for something this important would have been nice.
>
I think at the current state it will be waste of efforts to setup a user
repository and build everything with hardening-wrapper. There has been
several internal discussion about PIE in the past and recent times, that
is definitively something that we are aware of.
In the past there has been various (performance) reasons with gcc5 that
hold up stepping further, so the decision was to not backport gcc6
patches and wait for gcc6 so arrive. Fortunately gcc6 arrived so the
topic landed again on the tables for discussion. The current state is
that we wanted to have some benchmarking with current (non-PIE) and PIE
enabled binaries to compare them and make sure it eliminated all
previous concerns.
If you want to to really help pushing this topic in an official way then
the most useful and best step you could do is helping out to do those
benchmarks.
cheers,
Levente
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-general/attachments/20160516/c119aab9/attachment.asc>
More information about the arch-general
mailing list