-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, 14 Dec 2005 09:19:56 +0100
Harald van Dijk <[EMAIL PROTECTED]> wrote:
> On Wed, Dec 14, 2005 at 08:51:42AM +0100, Kevin F. Quinn wrote:
> > On Wed, 14 Dec 2005 07:59:23 +0100
> > Harald van Dijk <[EMAIL PROTECTED]> wrote:
> >
> > > On Wed, De
On Wed, Dec 14, 2005 at 10:27:19AM -0500, Chris Gianelloni wrote:
> On Wed, 2005-12-14 at 00:25 +, Mike Frysinger wrote:
> > On Tue, Dec 13, 2005 at 05:59:17PM -0600, Jory A. Pratt wrote:
> > > Only problem I see with this is binary packages. We can not control
> > > upstream binaries as everyo
On Wed, 2005-12-14 at 00:25 +, Mike Frysinger wrote:
> On Tue, Dec 13, 2005 at 05:59:17PM -0600, Jory A. Pratt wrote:
> > Mark Loeser wrote:
> > > Basically what I'm looking for here is an easy to understand explanation
> > > of
> > > what textrels are, why they are bad, and why they should ho
On Wed, 2005-12-14 at 00:25 +, Mike Frysinger wrote:
> On Tue, Dec 13, 2005 at 05:59:17PM -0600, Jory A. Pratt wrote:
> > Mark Loeser wrote:
> > > Basically what I'm looking for here is an easy to understand explanation
> > > of
> > > what textrels are, why they are bad, and why they should ho
On Wed, Dec 14, 2005 at 02:38:00PM +, Mike Frysinger wrote:
> there's a few problems with trying to get configure to detect whether
> the host assembler supports the --noexecstack option:
> - it's very easy to get the detection wrong and i'd bet money that
>anyone doing it for the first ti
On Wed, Dec 14, 2005 at 03:27:54PM +0100, Harald van D??k wrote:
> On Wed, Dec 14, 2005 at 01:43:28PM +, Mike Frysinger wrote:
> > On Wed, Dec 14, 2005 at 09:19:56AM +0100, Harald van D??k wrote:
> > > would need rechecking of the assembly code on updates just as much as
> > > patches which add
On Wed, Dec 14, 2005 at 01:43:28PM +, Mike Frysinger wrote:
> On Wed, Dec 14, 2005 at 09:19:56AM +0100, Harald van D??k wrote:
> > LDFLAGS? Assuming you meant ASFLAGS, this doesn't affect C files,
>
> correct
>
> > would need rechecking of the assembly code on updates just as much as
> > patc
On Wed, Dec 14, 2005 at 09:19:56AM +0100, Harald van D??k wrote:
> LDFLAGS? Assuming you meant ASFLAGS, this doesn't affect C files,
correct
> would need rechecking of the assembly code on updates just as much as
> patches which add .note.GNU-stack would, right?
no
you were supposed to send tha
On Wed, Dec 14, 2005 at 08:44:33AM +0100, Kevin F. Quinn wrote:
> The seriousness of the textrel issue is different for Hardened Gentoo
> and normal Gentoo. For Hardened Gentoo they cause real problems and
> must to be fixed to avoid compromising the overall strategy. For
> non-hardened Gentoo it
On Wed, Dec 14, 2005 at 08:51:42AM +0100, Kevin F. Quinn wrote:
> On Wed, 14 Dec 2005 07:59:23 +0100
> Harald van Dijk <[EMAIL PROTECTED]> wrote:
>
> > On Wed, Dec 14, 2005 at 03:50:16AM +, Mike Frysinger wrote:
> > > my gnu stack docs are actually complete:
> > > http://hardened.gentoo.org/gn
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Wed, 14 Dec 2005 07:59:23 +0100
Harald van Dijk <[EMAIL PROTECTED]> wrote:
> On Wed, Dec 14, 2005 at 03:50:16AM +, Mike Frysinger wrote:
> > my gnu stack docs are actually complete:
> > http://hardened.gentoo.org/gnu-stack.xml
>
> A question a
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Tue, 13 Dec 2005 15:59:03 -0500
Mark Loeser <[EMAIL PROTECTED]> wrote:
> Basically what I'm looking for here is an easy to understand
> explanation of what textrels are, why they are bad, and why they
> should hold back marking a package stable. T
On Wed, Dec 14, 2005 at 03:50:16AM +, Mike Frysinger wrote:
> my gnu stack docs are actually complete:
> http://hardened.gentoo.org/gnu-stack.xml
A question about that: you discourage fixing this with --noexecstack
because it's better to be able to submit a patch upstream. What's your
take on
On Tue, Dec 13, 2005 at 07:59:02PM -0700, Jason Wever wrote:
> On Wed, 14 Dec 2005 00:25:57 +
> Mike Frysinger <[EMAIL PROTECTED]> wrote:
>
> > no idea what you mean by "override", but here's a crazy idea ... ask
> > upstream to fix the issues. for example, we just reported executable
> > sta
Jason Wever <[EMAIL PROTECTED]> said:
> Not to redirect the thread, but can someone point me to stuff on
> executable stacks (what they are and the background info on the
> warnings in portage)?
Not really redirecting the thread since this was another thing I wanted to
find out about :) Basically
On Wed, 14 Dec 2005 00:25:57 +
Mike Frysinger <[EMAIL PROTECTED]> wrote:
> no idea what you mean by "override", but here's a crazy idea ... ask
> upstream to fix the issues. for example, we just reported executable
> stacks with the ut2004 game and Ryan of epicgames was so kind as to
> fix it
On Wed, Dec 14, 2005 at 01:37:57AM +, Ciaran McCreesh wrote:
> On Wed, 14 Dec 2005 01:20:29 + Mike Frysinger <[EMAIL PROTECTED]>
> wrote:
> | the policy i consider a no-brainer, fix TEXTRELs
>
> So... Say libfoo is
>
blah blah blah i didnt read this e-mail, i imagine it's your normal
st
Mike Frysinger <[EMAIL PROTECTED]> said:
> On Tue, Dec 13, 2005 at 08:02:27PM -0500, Mark Loeser wrote:
> > You are working on a policy, or just docs to explain the issues?
>
> documentation on PIC/TEXTRELs/etc...
>
> the policy i consider a no-brainer, fix TEXTRELs
By policy, I mean things to a
On Wed, 14 Dec 2005 01:20:29 + Mike Frysinger <[EMAIL PROTECTED]>
wrote:
| the policy i consider a no-brainer, fix TEXTRELs
So... Say libfoo is a library that decodes files in the foo format. Say
also that libfoo-2.1 is currently marked stable, and does not contain
any TEXTRELs, but only suppo
Mike Frysinger <[EMAIL PROTECTED]> said:
> > We don't avoid marking stable code
> > that, say, mallocs lots of space, then fills it with some calculated
> > numbers (for example, the first million prime numbers), even though a
> > better program would allow for that data to be shared.
>
> no one s
On Wed, Dec 14, 2005 at 01:07:53AM +, Ciaran McCreesh wrote:
> On Wed, 14 Dec 2005 00:22:36 + Mike Frysinger <[EMAIL PROTECTED]>
> | another good reason is that since the segment cannot be mapped
> | readonly, the memory cannot be shared across multiple processes ...
> | each will need to
On Tue, Dec 13, 2005 at 08:02:27PM -0500, Mark Loeser wrote:
> Mike Frysinger <[EMAIL PROTECTED]> said:
> > working on it as i said ... i wish this e-mail could have been posted
> > once i had more easier things to read :p
>
> You are working on a policy, or just docs to explain the issues?
docum
On Tue, 13 Dec 2005 20:02:27 -0500 Mark Loeser <[EMAIL PROTECTED]>
wrote:
| You are working on a policy, or just docs to explain the issues?
| From what was listed above, I'm not sure why we should require that
| people fix these issues just to have a package deemed stable.
Some people want no TEX
On Wed, 14 Dec 2005 00:22:36 + Mike Frysinger <[EMAIL PROTECTED]>
wrote:
| > The big issue with
| > this is that the text segment is usually suppose to be read only for
| > security reasons. But because the text segment needs a relocation,
| > it needs to be read-write since the relocation hap
Mike Frysinger <[EMAIL PROTECTED]> said:
> this is correct, a very good reason to fix TEXTRELs. another good
> reason is that since the segment cannot be mapped readonly, the memory
> cannot be shared across multiple processes ... each will need to have
> its own copy, thus wasting what could be s
On Tue, Dec 13, 2005 at 05:59:17PM -0600, Jory A. Pratt wrote:
> Mark Loeser wrote:
> > Basically what I'm looking for here is an easy to understand explanation of
> > what textrels are, why they are bad, and why they should hold back marking a
> > package stable. The only information I've been ab
On Tue, Dec 13, 2005 at 10:30:59PM +, Saleem A. wrote:
> On Tue, 13 Dec 2005, Mark Loeser wrote:
>
> > Basically what I'm looking for here is an easy to understand explanation of
> > what textrels are, why they are bad, and why they should hold back marking a
> > package stable. The only info
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mark Loeser wrote:
> Basically what I'm looking for here is an easy to understand explanation of
> what textrels are, why they are bad, and why they should hold back marking a
> package stable. The only information I've been able to find states that t
On Tue, 13 Dec 2005, Mark Loeser wrote:
> Basically what I'm looking for here is an easy to understand explanation of
> what textrels are, why they are bad, and why they should hold back marking a
> package stable. The only information I've been able to find states that they
> could cause a perfo
On Tue, Dec 13, 2005 at 03:59:03PM -0500, Mark Loeser wrote:
> Basically what I'm looking for here is an easy to understand explanation of
> what textrels are, why they are bad, and why they should hold back marking a
> package stable. The only information I've been able to find states that they
>
Basically what I'm looking for here is an easy to understand explanation of
what textrels are, why they are bad, and why they should hold back marking a
package stable. The only information I've been able to find states that they
could cause a performance hit, but this doesn't seem to warrant bann
31 matches
Mail list logo