On Fri, Jan 05, 2018 at 09:53:16AM -0800, Andy Lutomirski wrote:
> emulate_noread would avoid one exploit technique that Kees saw
> somewhere. And per-process disablement would let a system remain
> compatible with old binaries without reducing security for newer
> binaries.
Or we can simply say new binaries can switch to the vdso. Because this
way, vsyscall will never really be phased out - new shit will simply
keep using it.
--
Regards/Gruss,
Boris.
Good mailing practices for 400: avoid top-posting and trim the reply.
