Executable memory: further programs that fail

[Jef Spaleta]

Gerard Milmeister wrote:

> I propose to disable exec-shield by default,
> however the feature may otherwise be, and giving the user (via a GUI
> perhaps) the option to "harden" the system. Maybe when exec-shield is
> incorporated into the standard kernel, and other distributions use it,
> and thereby software developers are forced to adapt their programs, it
> could be switched on by default.

Under that logic......you would wait till ALL distros had the feature
available before the defaults on any distro went from off to on. I would
suggest that this would not encourage developers of the programs that
get bitten by exec-shield to look at the problems, until that absolutely
HAD to..to get their program working with exec-shield. That's not very
proactive development. And using your logic...even if ALL the distros
had the exec-shield feature, you would STILL argue that the default
should be off, to allow developers of the affected programs some time to
work things out. This is not proactive development.  

I submit to you that developers of programs that are being effected by
by exec-shield need a distro that defaults with exec-shield on asap, so
they can use a widely tested exec-shield setup as a test-bed to help
them re-code their applications. IF all the distros wait and wait and
wait for everyone to have exec-shield available, that gives 'out of
touch' developers more time to wait and wait and wait..before they have
to really deal with the problem. And the longer developers wait to fix
the application level problems that result when exec-shield is turned
on...the messier its going to be when exec-shield gets turned on and
left on..by default in ALL distros.

-jef"mumbles something about something being a testbed..."spaleta