On Wed, Jun 27, 2007 at 12:00:04AM +0000, Thorsten Glaser wrote: > As for the PIEs, kFreeBSD 6.x kernel has gained a patch to support > executing PIEs some time ago (since I only tested 5.4 and 7.0 I had > not known that, plus I'm not exactly a heavy Debian user...), and > they backported the fix to the 5.x kernel series (the 7.0 series are, > according to the developers, "experimental", and outdated).
To be honest, since it isn't mandatory, I'd rather not have the support headache for a while. > So there is no need on your part to not build PIEs on kFreeBSD any > more. (I wonder what the benefit of a PIE is, do you happen to have > a pointer to some docs/manual on it? I know (now) in theory what a > PIE is, but don't see the point.) It lets us take advantage of address space layout randomisation to make stack-smashing attacks harder. Cheers, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]