Archives
Archives
| From: | Pavel Labushev <p.labushev@×××××.com> | ||
|---|---|---|---|
| To: | gentoo-hardened@l.g.o | ||
| Subject: | Re: [gentoo-hardened] Re: Remove the pic use flag in the hardened amd64 profile. | ||
| Date: | Sun, 27 Feb 2011 15:20:30 | ||
| Message-Id: | 4D6A6B6D.9090104@gmail.com | ||
| In Reply to: | Re: [gentoo-hardened] Re: Remove the pic use flag in the hardened amd64 profile. by "Anthony G. Basile" |
||
| 1 | 27.02.2011 21:53, Anthony G. Basile пишет: |
| 2 | |
| 3 | > An example of where it does is an attempt to defeat address space |
| 4 | > randomization by brute force. 32-bit address space is only 4G which is |
| 5 | > not impossibly large for success by brute force while 64-bits is about |
| 6 | > 10^19. A lot harder. |
| 7 | |
| 8 | Another point: UDEREF on x86 is more reliable than on amd64. Choose x86 if |
| 9 | your big concern is to protect the kernel from userland (like, if you use |
| 10 | privilege separation/revocation not just because it looks fancy on paper). |
| Subject | Author |
|---|---|
| Re: [gentoo-hardened] Re: Remove the pic use flag in the hardened amd64 profile. | "Tóth Attila" <atoth@××××××××××.hu> |