On Wed, May 30, 2007 at 04:11:49PM -0400, Josh Bressers wrote:
Dear Fedora developers or Experts!
Can you tell me if these is an Exec Shield kernel patch for most recent 2.6 series vanilla kernels being able to do full ALSR functionality, including the relocation of PIE binaries?
When I look at Ingo Molnar's Exec Shield patch web page (http://people.redhat.com/mingo/exec-shield/), I got the impression that a fully featured Exec Shield patch set exists only for the 2.4 series of the Linux kernels. Am I correct?
Without knowing all the nitty gritty details, I believe this is because a subset of the initial 2.4 patch is included in upstream 2.6.
I would suggesting asking one of the Fedora kernel guys, or Ingo if you want to know for sure. This list is primarily for dealing with security vulnerabilities in Fedora. I doubt anyone on this list knows enough about the working of Exec Shield to feel comfortable answering your question.
You can find a version that always applies to latest upstream (give or take a few days lag time after a point release) in the Fedora CVS. There's pointers on http://people.redhat.com/davej/
Dave