[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: prelink: is it worth it?

From: Tomas Mraz <tmraz redhat com>
To: Development discussions related to Fedora <fedora-devel-list redhat com>
Subject: Re: prelink: is it worth it?
Date: Thu, 09 Jul 2009 18:20:57 +0200

On Thu, 2009-07-09 at 17:59 +0200, Till Maas wrote:
> On Thu July 9 2009, yersinia wrote:
> 
> > But something one have to pay a security prize on not disabling it :  it
> > render impossible to have a
> > centralizzated security integrity management (e.g. rfc.sf.net for example)
> > or one have to skip from check the prelink binary. Very bad i think.
> 
> You pay a security prize if you disable prelink, because it also performs 
> address space randomization:
> http://lwn.net/Articles/190139/

That's nonsense. Actually with prelink the randomization is done only
when prelink is rerun as the addresses can change only during the
prelinking.
-- 
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb

Follow-Ups:
- Re: prelink: is it worth it?
  - From: Till Maas

References:
- prelink: is it worth it?
  - From: Matthew Miller
- Re: prelink: is it worth it?
  - From: Ulrich Drepper
- Re: prelink: is it worth it?
  - From: yersinia
- Re: prelink: is it worth it?
  - From: Till Maas

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]