| 1 |
On Thursday 20 October 2011 12:47:27 Rich Freeman wrote: |
| 2 |
> I was trying to draw a contrast between passive things like |
| 3 |
> stack-protection and things that really get in your face like MAC. |
| 4 |
|
| 5 |
the trouble was in the context quoting then ... it sounded like you were |
| 6 |
proposing PaX by default |
| 7 |
|
| 8 |
i am a fan of things that "just work" though which is why i was happy to merge |
| 9 |
the fortify source code. most of that checking is done at compile time, so |
| 10 |
the runtime overhead is generally small. and in terms of packages that did |
| 11 |
break, it was (more often than not) because they were broken already but we |
| 12 |
never noticed. |
| 13 |
-mike |
Archives