In article <[email protected]>, Matt Thomas <[email protected]> wrote: >-=-=-=-=-=- > >Module Name: src >Committed By: matt >Date: Fri Jun 24 00:48:47 UTC 2011 > >Modified Files: > src/sys/arch/evbppc/conf: RB800 > >Log Message: >Turn on PAX_ASLR
I am fine with that, just 2 comments. - to fully take advantage of ASLR you need MKPIE=yes so that the text and data segments get randomized too. - just using options PAX_ASLR is probably safer and you can then enable it with: sysctl -w security.pax.aslr.enabled=1 christos
