F22 System Wide Change: Harden all packages with position-independent code
Dhiru Kholia
dhiru.kholia at gmail.com
Fri Jan 9 17:45:47 UTC 2015
On Fri, 9 Jan 2015, Zbigniew Jędrzejewski-Szmek wrote:
> ...
> Microbenchmarks get us only so far, we need to know the impact the
> change makes for the whole system. We won't know that until enough
> packages have been rebuilt.
https://www.alpinelinux.org/about/
"The kernel is patched with grsecurity/PaX out of the box, and all
userland binaries are compiled as Position Independent Executables (PIE)
with stack smashing protection."
The whole system performance can't be that bad. Other distributions
(Alpine Linux being one of them) are already fully PIE enabled.
Dhiru
More information about the devel
mailing list