Gentoo Archives: gentoo-dev

From: "Jason A. Donenfeld" <Jason@×××××.com>
To: gentoo-dev@l.g.o
Subject: Re: [gentoo-dev] Can we get PIE on all SUID binaries by default, por favor?
Date: Fri, 27 Jan 2012 21:03:48
Message-Id: CAHmME9pPywaDMfVvwR6x0rq7ubA4r1WbVUvKi2F7YBLcathoqg@mail.gmail.com
In Reply to: Re: [gentoo-dev] Can we get PIE on all SUID binaries by default, por favor? by "Paweł Hajdan
On Fri, Jan 27, 2012 at 20:39, "Paweł Hajdan, Jr." <phajdan.jr@g.o> wrote:
>
> The most common argument against it is performance loss I think, and
> there are probably less than 10 packages that have some compilation
> issues with PIE. In my opinion we can deal with that, and security
> benefits are much more important.

I'm *not* suggesting PIE is enabled by default for all packages. This is a
big job with performance losses, etc. I *am* suggesting that PIE is enabled
for all SUID binaries.