enable null pointer hardening by default

Kyle McMartin kyle at mcmartin.ca
Thu Dec 13 16:33:35 UTC 2007


On Thu, Dec 13, 2007 at 11:31:30AM -0500, Eric Paris wrote:
> I actually talked to the sysctl.conf owner first who said "if it is a
> good default for everyone turn it on in the kernel"
> 

Ah, I meant in a regular init script and using /etc/sysconfig/security
or something.

> which i tended to agree with.  But I like Eric's way of enabling it
> better, especially since now every distro will have to choose to
> enable/disable rather than just having it ignorable.
> 

Yeah, config option upstream is definitely the sanest way forward. :)

cheers, Kyle




More information about the Fedora-kernel-list mailing list