On 20/11/11 12:34 PM, Blue Swirl wrote:
On Sun, Nov 20, 2011 at 09:11, Avi Kivity wrote:
On 11/15/2011 08:12 PM, Avi Kivity wrote:
Change the default on x86 Linux hosts to building PIE (position
independent executables); instead of restricting the option to
user-only targets, apply it to all t
On 11/15/2011 12:12 PM, Avi Kivity wrote:
Change the default on x86 Linux hosts to building PIE (position
independent executables); instead of restricting the option to
user-only targets, apply it to all targets.
In addition, set the relocation sections to read-only (relro) when
available; this
On 11/20/2011 07:34 PM, Blue Swirl wrote:
> On Sun, Nov 20, 2011 at 09:11, Avi Kivity wrote:
> > On 11/15/2011 08:12 PM, Avi Kivity wrote:
> >> Change the default on x86 Linux hosts to building PIE (position
> >> independent executables); instead of restricting the option to
> >> user-only targets
On Sun, Nov 20, 2011 at 09:11, Avi Kivity wrote:
> On 11/15/2011 08:12 PM, Avi Kivity wrote:
>> Change the default on x86 Linux hosts to building PIE (position
>> independent executables); instead of restricting the option to
>> user-only targets, apply it to all targets.
>>
>> In addition, set th
On 11/15/2011 08:12 PM, Avi Kivity wrote:
> Change the default on x86 Linux hosts to building PIE (position
> independent executables); instead of restricting the option to
> user-only targets, apply it to all targets.
>
> In addition, set the relocation sections to read-only (relro) when
> availab
Change the default on x86 Linux hosts to building PIE (position
independent executables); instead of restricting the option to
user-only targets, apply it to all targets.
In addition, set the relocation sections to read-only (relro) when
available; this reduces the attack surface by disallowing ch