1 |
Hi! |
2 |
|
3 |
On Sat, Sep 19, 2015 at 09:33:15PM +0200, PaX Team wrote: |
4 |
> > > 1. enable ELFRELOCS in your kernel config (and keep MPROTECT enforced |
5 |
> > > on all binaries) |
6 |
> > Done. This works. I don't really like it, but let it be, at least for now. |
7 |
> well, disabling MPROTECT is much worse, this way you can at least |
8 |
> control which binaries can map libaries with textrels. |
9 |
|
10 |
I don't get it. With MPROTECT I control which binaries won't be protected. |
11 |
With ELFRELOCS I don't control binaries and all of them will be less protected. |
12 |
And I doubt "all less protected" is better than "few not protected". |
13 |
|
14 |
-- |
15 |
WBR, Alex. |