-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >> > Do you own 64 bit applications that won't run on a 32 bit system? > > I don't own any applications Marty, neither 32 or 64 bit but there is > some OSS software that can take advantage of 64bit. > OSS is not very descriptive. Can you name 1 OSS package that is worth all your trouble? Is this application and all it's dependancies written securely, with PIC and PIE enabled? Will it all compile with SSP?
As far as 64 bit being safe by obscurity... Don't be confused; every 32 bit vulnerability is also a 64 bit vulnerability when they attack the Linux API. And the original 8 bit instructions will execute perfectly if injected into the stack by a buffer overflow padded with NOOPs. This is why using SSP, PIC, PIE, PAX, etc. is so important. You cannot neglect network security and expect HLFS to protect you. You harden the system to provide the last line of defense against really bad things. Marty B. - -- Putting Microsoft in a computer is like putting screen doors in a submarine. Hopeless. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFHWRqnodd/GHZYnVQRAhunAJ42x+dxJaq1NBEb90ZQR+EkCkstqQCdHOYI KzOdH+Q2kxdc28y/JB/hPjM= =EueD -----END PGP SIGNATURE----- -- http://linuxfromscratch.org/mailman/listinfo/hlfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
