1 |
On Wed, 14 Dec 2005 00:22:36 +0000 Mike Frysinger <vapier@g.o> |
2 |
wrote: |
3 |
| > The big issue with |
4 |
| > this is that the text segment is usually suppose to be read only for |
5 |
| > security reasons. But because the text segment needs a relocation, |
6 |
| > it needs to be read-write since the relocation happens at runtime |
7 |
| > dynamically. |
8 |
| |
9 |
| this is correct, a very good reason to fix TEXTRELs. |
10 |
|
11 |
This is only an issue if an application is already insecure. Thus, |
12 |
TEXTRELs shouldn't be considered sufficient reason to avoid marking |
13 |
something stable, any more than we avoid marking code that uses sprintf |
14 |
stable. |
15 |
|
16 |
| another good reason is that since the segment cannot be mapped |
17 |
| readonly, the memory cannot be shared across multiple processes ... |
18 |
| each will need to have its own copy, thus wasting what could be |
19 |
| significant memory resources. |
20 |
|
21 |
Again, that's a big "could be". We don't avoid marking stable code |
22 |
that, say, mallocs lots of space, then fills it with some calculated |
23 |
numbers (for example, the first million prime numbers), even though a |
24 |
better program would allow for that data to be shared. |
25 |
|
26 |
So yes, TEXTRELs when used accidentally are rather sucky. On the other |
27 |
hand, there are legitimate uses for them, and they aren't insecure, nor |
28 |
are they necessarily any worse performance-wise than code that uses |
29 |
other methods. |
30 |
|
31 |
Banning TEXTRELs outright makes no more sense than banning code that |
32 |
uses goto or sprintf -- if TEXTRELs are used accidentally and there's |
33 |
an easy fix, take it, but don't let them stop you from providing the |
34 |
most stable version of a package to your users. |
35 |
|
36 |
Oh, and don't accept reasons like "but they don't work if we enable |
37 |
$obscure_voodoo in the compiler" either. If $obscure_voodoo breaks on |
38 |
legitimate TEXTRELs then $obscure_voodoo is broken, not the code using |
39 |
TEXTRELs. |
40 |
|
41 |
-- |
42 |
Ciaran McCreesh : Gentoo Developer (I can kill you with my brain) |
43 |
Mail : ciaranm at gentoo.org |
44 |
Web : http://dev.gentoo.org/~ciaranm |