On Sun, Sep 10, 2017 at 01:32:27PM +0200, Maxime Villard wrote: > Le 10/09/2017 à 13:16, Manuel Bouyer a écrit : > > On Sun, Sep 10, 2017 at 01:13:14PM +0200, Maxime Villard wrote: > > > True enough; but in this particular case, leaving compat features enabled > > > just > > > for the sake of simplicity produces a system that is much more vulnerable > > > than > > > if it had one level of indirection. > > > > If you know it's vulnerable then fix it, do not spend time trying to > > work around it. > > Yes, compat_linux/linux32/svr4/svr4_32/ibcs2/etc are probably still > vulnerable,
as is the native exec path or compat_netbsd32 ... -- Manuel Bouyer <bou...@antioche.eu.org> NetBSD: 26 ans d'experience feront toujours la difference --