| 1 |
Hi! |
| 2 |
|
| 3 |
On Sat, Sep 19, 2015 at 09:33:15PM +0200, PaX Team wrote: |
| 4 |
> > > 1. enable ELFRELOCS in your kernel config (and keep MPROTECT enforced |
| 5 |
> > > on all binaries) |
| 6 |
> > Done. This works. I don't really like it, but let it be, at least for now. |
| 7 |
> well, disabling MPROTECT is much worse, this way you can at least |
| 8 |
> control which binaries can map libaries with textrels. |
| 9 |
|
| 10 |
I don't get it. With MPROTECT I control which binaries won't be protected. |
| 11 |
With ELFRELOCS I don't control binaries and all of them will be less protected. |
| 12 |
And I doubt "all less protected" is better than "few not protected". |
| 13 |
|
| 14 |
-- |
| 15 |
WBR, Alex. |
Archives