1 |
On Mon, Jun 11, 2012 at 12:46 AM, René Rhéaume <rene.rheaume@×××××.com> wrote: |
2 |
> I have a somewhat crazy idea to run JIT code with mprotect enforced: instead |
3 |
> of putting the generated code into anonymous memory, why not put it as a |
4 |
> shared library inside a tmpfs, the the host program simply call dlopen on |
5 |
> it? |
6 |
|
7 |
This is similar to what USE=orc does — creating an executable in /tmp |
8 |
at runtime. It works with GStreamer on hardened, if allowed by |
9 |
GRKERNSEC_TPE. I still don't like the concept, and switch orc off. |
10 |
|
11 |
-- |
12 |
Maxim Kammerer |
13 |
Liberté Linux: http://dee.su/liberte |