yum wants to remove my kernels, why?
Arjan van de Ven
arjan at fenrus.demon.nl
Sun Jan 22 20:45:29 UTC 2006
On Sun, 2006-01-22 at 21:33 +0100, Dawid Gajownik wrote:
> Dnia 01/22/2006 06:05 PM, Użytkownik Arjan van de Ven napisał:
>
> > I think chosing for secure is the right approach.
>
> Talking about security... What's the current status of FORTIFY_SOURCE in
> the kernel? You proposed this feature in this mail →
> https://www.redhat.com/archives/fedora-devel-list/2005-June/msg00012.html
> Patch is also available → http://lkml.org/lkml/2005/5/25/46 but it's not
> included in the Fedora's kernels →
> http://cvs.fedora.redhat.com/viewcvs/rpms/kernel/devel/ (why?)
(I'm not working for Red Hat nor do I have any "put this in the kernel
rpm" rights)
we investigated all places where it'd have any effect, and all of them
were correct already (eg used the proper tests). The reason for this is
simple: the kernel has a really tiny stack, so stack buffers are rare,
really rare. And gcc doesn't know that "kmalloc" is like malloc, so
fixed size allocations via kmalloc aren't recognized... so the value of
the protection for now was basically zero ;-(
More information about the fedora-test-list
mailing list