Isn't it miserable to see, that as time is passing by, more and more
important softwares (java, python, libreoffice, firefox) conflict with
more and more PAX restrictions?
I would expect exactly the opposite. But it seems, that developers become
less and less aware (or care less) about security.

Nowdays I would rather run libreoffice and firefox in a jail. But I have
no time to set up an environment and grsec policy for it.
-- 
dr Tóth Attila, Radiológus, 06-20-825-8057
Attila Toth MD, Radiologist, +36-20-825-8057

2011.December 31.(Szo) 13:05 időpontban pageexec@... ezt írta:
> On 30 Dec 2011 at 13:28, Sven Vermeulen wrote:
>
>> Regarding the firefox issue, I don't know if a bug is already opened for
>> that, but the solution is to paxmark -r (disable RANDMMAP)  both
>> xpcshell
>> (you'll need to edit the ebuild to do so or do it before it starts in
>> the
>> install phase) and the resulting firefox binary (on the system).
>
> no, that's pretty much never a solution ;), better fix the bug, see
> bugzilla.
>
>