| 1 |
On 14/02/06, Alex Efros <powerman@××××××××××××××××××.com> wrote: |
| 2 |
|
| 3 |
<snip> |
| 4 |
|
| 5 |
> 2) Disallow ELF text relocations |
| 6 |
> AFAIK with this option a lot of software will not work... :( |
| 7 |
|
| 8 |
Right - for desktop machines this not a sensible option. I'd say that |
| 9 |
for many server setups it's probably OK. Probably worth pointing out |
| 10 |
here that recent versions of portage should flag up any ebuilds that |
| 11 |
end up building executables with text relocations. One can also run |
| 12 |
"scanelf -lpqt" to check the system for any existing executables that |
| 13 |
are weak in this regard. |
| 14 |
|
| 15 |
> So, here config details for my home and my servers (2.6.14-hardened-r5): |
| 16 |
|
| 17 |
<large snip> |
| 18 |
|
| 19 |
Looks great to me :) |
| 20 |
|
| 21 |
Cheers, |
| 22 |
|
| 23 |
--Kerin |
| 24 |
|
| 25 |
-- |
| 26 |
gentoo-server@g.o mailing list |
Archives