On Sun, Sep 10, 2017 at 01:32:27PM +0200, Maxime Villard wrote:
> Le 10/09/2017 à 13:16, Manuel Bouyer a écrit :
> > On Sun, Sep 10, 2017 at 01:13:14PM +0200, Maxime Villard wrote:
> > > True enough; but in this particular case, leaving compat features enabled
> > > just
> > > for the sake of simplicity produces a system that is much more vulnerable
> > > than
> > > if it had one level of indirection.
> >
> > If you know it's vulnerable then fix it, do not spend time trying to
> > work around it.
>
> Yes, compat_linux/linux32/svr4/svr4_32/ibcs2/etc are probably still
> vulnerable,
as is the native exec path or compat_netbsd32 ...
--
Manuel Bouyer <bou...@antioche.eu.org>
NetBSD: 26 ans d'experience feront toujours la difference
--
